Today's Question:  What does your personal desk look like?        GIVE A SHOUT

SEARCH KEYWORD -- Asynchronous request

  Generate certificate in Java -- Certificate chain

In previous post, we have introduced the use of Certificate and how to generate self signed certificate using Java. In this post, we will show you how to generate a certificate chain. Sometimes we may only have a certificate request or we don't have a trusted certificate which can be used for business. Now we need to have a trusted CA to sign our certificate so that it can be used on SSL communications. To generate a certificate chain, we may first have our own certificate(A), then we may use ot...

   Java,Certificate chain,Creation, Pure Java     2014-07-30 08:24:52

  SQL Injection through HTTP Headers

During vulnerability assessment or penetration testing, identifying the input vectors of the target application is a primordial step. Sometimes, when dealing with Web application testing, verification routines related to SQL injection flaws discovery are restricted to the GET and POST variables as the unique inputs vectors ever. What about other HTTP header parameters? Aren’t they potential input vectors for SQL injection attacks? How can one test all these HTTP parameters and whic...

   Code security,SQL injection,HTTP header     2012-04-05 11:42:04

  Accessing Reddit top posts using OAuth

Previously one can use the https://www.reddit.com/r/rprogramming/top.json API to access one subreddit's top posts. This API doesn't require any access token to fetch the data. However, this API may not work all the time. Reddit may block the API's request if it finds that you are using a script or some app which accesses the API now and then. For an app or script which needs to fetch the data routinely, what should we do? Reddit provides one method which can be used to fetch this kind of to...

   REDDIT,OAUTH,TOP POSTS,HOT POSTS     2023-12-16 07:24:14

  C++ for the Real-Time Web

C++? Why on Earth? C++ seems like one of the least likely languages to write a web application in. C++ is associated with complexity, both with language design and the need to manually manage memory. Programming in C++ unleashes a whole class of bugs associated with memory corruption and memory allocation. This is a trade off for giving more power to the developer along generally being much faster than equivalent programs in languages such as Python or Ruby. Real-time Web as a Use Case Making...

   C++,Web development,Real time     2012-01-30 06:00:20

  How to Stream Your PC Games to Android with Steam Link

If you are a PC gamer who is in a hurry to compete, Steam Link is looking for a possible answer. With this on your Android phone, you can play games on your phone with your computer. What is steam link? Basically, steam link is a perspective of streaming your steam library in other gadgets. The first steam link is a physical set of the best box you share with your TV, and after using its gaming PC after playing the Fate Grand Order game in your TV. The steam link application is another Andr...

   PC GAMES TO ANDROID WITH STEAM LINK     2018-06-03 05:04:33

  File upload in PHP

File is a special kind of form data, when being uploaded to the server through HTTP POST request, PHP will create a $_FILES global array, the relevant file information will be stored in this global array. We will illustrate file upload with some code snippets using PHP and look into the internal work mechanism. Lastly will talk about file upload security. File upload In order for users to upload files in client side, we have to provide a form on the user interface. Since the uploaded file is a s...

   File upload,PHP     2012-11-30 22:01:28

  Cracking Siri

On October 14, 2011, Apple introduced the new iPhone 4S. One of its major new features was Siri, a personal assistant application. Siri uses a natural language processing technology to interact with the user.Interestingly, Apple explained that Siri works by sending data to a remote server (that’s probably why Siri only works over 3G or WiFi). As soon as we could put our hands on the new iPhone 4S, we decided to have a sneak peek at how it really works.Today, we managed to crack ...

   Siri,Cracking,Defect,Speech to text,Record,AI     2011-11-15 08:38:23

  Unfortunate Python

Python is a wonderful language, but some parts should really have bright WARNING signs all over them. There are features that just can't be used safely and others are that are useful but people tend to use in the wrong ways. This is a rough transcript of the talk I gave at my local Python group on November 15, with some of the audience feed back mixed in. Most of this came from hanging around the Python IRC channel, something I highly recommend. [update 2011-12-19: improved "array" cr...

   Python,Defects,Deprecated methods,Warning     2011-12-20 08:27:36

  Microsoft Edge extension manifest v2 migration to v3

In June 2023, Microsoft Edge would not allow Edge extensions with manifest version before v3 to be listed on Microsoft web stores as v3 extensions add more security privacy related restrictions on some of the functions. Hence all extensions with manifest v2 must migrate to v3. In this post, we would show how we did the migration for one of our extensions and the changes made. There is a checklist provided by Microsoft Edge team on what needs to be updated so that the extension can stil...

   MICROSOFT EDGE,EXTENSION,MANIFEST V3     2022-10-01 02:54:47

  Chrome extension manifest v2 migration to v3

In 2023, Google would not allow Chrome extensions with manifest version before v3 to be listed on Chrome web stores as v3 extensions add more security privacy related restrictions on some of the functions. Hence all extensions with manifest v2 must migrate to v3. In this post, we would show how we did the migration for one of our extensions and the changes made. There is a checklist provided by Chrome team on what needs to be updated so that the extension can still work in v3. It can be checked ...

   CHROME EXTENSION,MANIFEST V3,MIGRATION     2022-09-24 10:44:54

RECENT