Today's Question:  What does your personal desk look like?        GIVE A SHOUT

SEARCH KEYWORD -- Cross site

  A simple tutorial about CSS flex property

CSS Flexbox is a layout module that makes it easier to create flexible and responsive layouts in CSS. It provides a simple and powerful way to align elements within a container and distribute space between them. To use flexbox, you need to set the display property of an element to "flex". You can do this by adding the following rule to your CSS: .container { display: flex; } The flex container will now have two main axes: the main axis and the cross axis. By default, the main axis runs horizo...

   JUSTIFY-CONTENT,FLEX,CSS     2022-12-25 06:44:34

  The danger of target=_blank and opener

When want to open a new page in a new tab on clicking a link on a page, the usual way of achieving this is to use target="_blank" property in a tag. However, the use of this leaves space for phishing website. Background parent and opener Before talking about the opener object, let's know a bit about parent object when using iframe. HTML provides a parent object which is used to communicate between the parent page and the embedded iframe element. This parent object can be accessed using...

   HTML,TARGET BLANK,REL NOOPENER,REL NOREFERRER     2018-09-15 04:53:56

  Beauty of code : How to write graceful PHP code

Writing good code is an art. In order to achieve this, it is necessary to develop good programming habits at the beginning. Good programming habits not only contributes to the early project design (modular),but also allows you to the code easier to understand, so that the maintenance of the code is easier. Bad programming habits will result in more code bugs, and will make future maintenance work difficult. We introduce some good programming habits taking PHP as example. Hope this will help you....

   PHP,Good code     2012-08-26 12:23:03

  How to check whether a web page can be loaded in iframe

Sometimes you may want to load other website's page in your own website's iframe, but due to some security concerns, other website may have security configurations which prevent you from loading their pages into your iframe. In this case, if you try to load them, you would see a blank page or a text message telling that it's prohibited. Fortunately, you can detect this before you actually decide to load it. To prevent a page from being loaded by an iframe from other site, the response ...

   HTTP,HTML,IFRAME,SECURITY,X-FRAME-OPTIONS,CONTENT-SECURITY-POLICY     2018-07-27 22:36:02

  SameSite attribute in cookie

Starting from Chrome 51, a new attribute SameSite has been introduced for browser cookie. This attribute is to prevent CSRF attack. Cookie is normally used to store data exchanged between client and server. It frequently stores user login information. If a malicious website can forge a HTTP request with the valid third party website cookie, it may be called a CSRF attack. For example, if a user logins to a bank website your-bank.com, the bank server responds a cookie: Set-Cookie:id=a3fWa; L...

   JAVASCRIPT,COOKIE,SAMESITE,CHROME,CSRF     2019-09-14 04:57:51

  How to play with cross domain request

What is cross domain request In simple, cross domain request is to request resource from other domain in one domain. Note, the "other domain" doesn't just mean domain name only, it includes much more. If the protocol, domain name, port is not the same, two domains will be considered different.  Below example describes what is considered as different domain. http://www.a.com/a.jshttp://www.a.com/b.js               # Same domainhttp://www.a.com/lab/a.js &nb...

   FRONT END,JSONP,CROSS DOMAIN,CROSS ORIGIN,CORS,DOCUMENT.DOMAIN,WINDOW.NAME     2016-11-06 00:48:54

  Web Consistency Testing

Introduction Web Consistency Testing is a new form of Web testing that aims to answer the simple question: does this page look right? It's an automated approach to making sure a page looks the way we expect, whether that be cross-browser, over time (regression), in multiple locales, or whatever else we can think of. Kevin Menard, founder of Mogotest, presented an in-depth talk about what Web Consistency Testi...

   Website,Consistency,Testing,Consistency testing,Advice     2011-12-01 02:52:30

  Google.com is considered as partially dangerous by Google

Google has a service called Transparency Report which is to examine billions of URLs per day to identify dangerous pages which may trigger downloading of malicious software.  When you search a site, it will give the status of the site and also the safety details of the site if there are potential dangerous pages on the site.  These details will help the site owners to identify the potential issues and fix them as early as possible, Embarrassingly when searching for Google.com, it is c...

   GOOGLE,GOOGLE.COM     2016-04-20 00:38:15

  Why doesn't Microsoft involve in the patent war with Apple?

After Apple and Samsung patent war ends, Samsung immediately announced that they would continue to appeal. People are now guessing that the next target of Apple is Motorola and Google, while the situation getting worse, we could not help to ask why there is no emergence of Microsoft?At first glance, the answer seems to be very simple, both Microsoft Window 8 and Window Phone products do not have much intersection with Apple's products. But there is an unknown reason, there is a patent cross-lice...

   Microsoft,Apple,Patent     2012-08-27 22:10:19

  JS code to check different mobile devices

Today I come across a code snippet which uses JavaScript to check different mobile devices and then loads different CSS files accordingly. As we know that there are mobile devices with different screen sizes, it's always troublesome for web developers to develop cross browser and cross device compatible codes. Hope this one can help those who develop web apps on mobile devices. // Check whether it's a mobile device // wukong.name 20130716 if(/AppleWebKit.*Mobile/i.test(navigator.userAgent) || (...

   JavaScript,Mobile device,Detection     2013-11-28 05:25:10

RECENT