hey 
http://breachattack.com/#howitworks
is save to use gzip and ssl with Vikunja?
If I understood that attack correctly, Vikunjs is not vulnerable since there are no secrets in the body of http requests which could then be reflected.
Also the vulnerability is from 2013 so Iād expect the gzip implementations in nginx nowadays to prevent these kinds of attacks.
1 Like