1.    [BCP90]    Klyne, G., Nottingham, M., and J. Mogul, "Registration
    2.               Procedures for Message Header Fields", BCP 90, RFC 3864,
    3.               September 2004.
    5.    [OWASP]    van der Stock, A., Ed., "A Guide to Building Secure Web
    6.               Applications and Web Services", The Open Web Application
    7.               Security Project (OWASP) 2.0.1, July 2005,
    8.               <https://www.owasp.org/>.
    10.    [RFC2616]  Fielding, R., Gettys, J., Mogul, J., Frystyk, H.,
    11.               Masinter, L., Leach, P., and T. Berners-Lee, "Hypertext
    12.               Transfer Protocol -- HTTP/1.1", RFC 2616, June 1999.
    14.    [RFC2617]  Franks, J., Hallam-Baker, P., Hostetler, J., Lawrence, S.,
    15.               Leach, P., Luotonen, A., and L. Stewart, "HTTP
    16.               Authentication: Basic and Digest Access Authentication",
    17.               RFC 2617, June 1999.
    19.    [RFC3986]  Berners-Lee, T., Fielding, R., and L. Masinter, "Uniform
    20.               Resource Identifier (URI): Generic Syntax", STD 66,
    21.               RFC 3986, January 2005.
    23.    [RFC4648]  Josefsson, S., "The Base16, Base32, and Base64 Data
    24.               Encodings", RFC 4648, October 2006.
    26.    [RFC5226]  Narten, T. and H. Alvestrand, "Guidelines for Writing an
    27.               IANA Considerations Section in RFCs", BCP 26, RFC 5226,
    28.               May 2008.
    30.    [RFC5246]  Dierks, T. and E. Rescorla, "The Transport Layer Security
    31.               (TLS) Protocol Version 1.2", RFC 5246, August 2008.