Is Padding Oracle Attack possible with always 200 OK response

I currently perform penetration testing of ASP.NET application and trying to exploit Padding Oracle Attack. This AFAIK is based on response code analysis, but both ScriptResource and WebResource axds

Preventing "padding oracle" attack if data is streamed or too large for HMAC?

I know that the best solution against the padding oracle attack is to wrap and append a HMAC to the complete encrypted message. But what other solutions are there? What if my data is so large that I n

英文字母歌歌名是什么？