TLS and its main application HTTPS are an essential part of internet security. Since 2011, several attacks against the TLS Record protocol have been presented. To remediate these flaws, countermeasures have been proposed. They were usually specific to a particular attack, and were sometimes in contradiction with one another. All the proofs of concept targeted HTTPS and relied on the repetition of some secret element inside the TLS tunnel. In the HTTPS context, such secrets are pervasive, be they authentication cookies or anti-CSRF tokens. We present a comprehensive state of the art of attacks on the Record protocol and the associated proposed countermeasures. In parallel to the efforts of the community to find reliable long term solutions, we propose masking mechanisms to avoid the repetition of sensitive elements, at the transport or application level. We also assess the feasibility and efficiency of such defense-in-depth mechanisms. The recent POODLE vulnerability confirmed our proposals could thwart unknown attacks, since they would have blocked it.