Tag
http
Safeguard articles tagged "http" — guides, analysis, and best practices for software supply chain and application security.
3 articles
Security Guides
node-fetch Security Guide (2026)
node-fetch brought the browser fetch API to Node.js and became a near-universal HTTP client — and its two real CVEs, a redirect-based header leak and a size-limit bypass, are exactly the kind of subtle bug that ships to millions of apps.
Jul 8, 20266 min read
Security Guides
HTTP Security Headers Explained (2026)
HTTP security headers are the cheapest defense-in-depth you can ship. Here is what each one does, the values to set in 2026, and how to verify they are actually present.
Jul 3, 20265 min read
Security Guides
Requests (Python) Security Guide (2026)
The Requests library is how most Python code talks HTTP — and a recurring class of credential-leak-on-redirect CVEs makes its version and config genuinely security-relevant.
Jul 3, 20266 min read