Attacks on non-secure HTTP

The last few months have been a bounty of attacks against non-secure HTTP — things that HTTPS would have prevented.  This post is just a collection of links for reference.

Ping me at @rlbarnes if you’ve got others!