SEARCH KEYWORD -- PROXY



  That “JavaScript not available” case

During some interesting discussions on Twitter yesterday I found that there is now more than ever a confusion about JavaScript dependence in web applications and web sites. This is a never ending story but it seems to me to flare up every time our browsing technology leaps forward. I encountered this for the first time back in the days of DHTML. We pushed browsers to their limits with our lovely animated menus and 3D logos (something we of course learned not to do again, right?) and we were ...

   JavaScript,Security,Banned,Reason     2012-01-04 02:37:35

  Circumventing browser connection limits for fun and profit

A few days ago, this video hosted by metacafe popped up on digg, explaining how to increase site download times by tweaking your browser settings to increase connection parallelism. To explain why this works, let’s step back a bit to discuss how browsers manage server connections. In building any application, developers are often required to make ‘utilitarian’ choices. Pretentiously paraphrasing Jeremy Bentham, ‘utilitarian’ describes an approach that ...

   HTTP,Concurrent connection limit,Solution,AJAX     2011-12-14 13:01:02

  Coder or Clown?

That’s the challenge. Sit down with someone you’ve never met and try to work out if they are a coder or a clown. I don’t mean to insult anyone, of course, and I’m the first to acknowledge the years of training and effort that goes into being a professional clown. But some coders, oh boy. Like the time I interviewed a recent graduate. I’ll call her Ada. Full of sympathy for the novice programmer I started with a gentle warm-up, a soft-ball question to break the ...

   Coder,Clown,State,Profile,Category     2011-08-28 23:04:46

  Why isn't all internet traffic encrypted?

The biggest problem is that you must be able to verify that you're encrypting to the correct key. Without it, encryption would be practically useless, as anyone could perform a man-in-the-middle attack on the connection and remain undetected. In typical SSL/TLS, as well as other protocols using X.509, this verification is performed by "certification authorities", which are explicitly marked as "trusted" by web browsers and operating systems. Unfortunately, these CAs usual...

   Internet,Traffic,Encryption,Decryption,Security     2011-10-15 15:03:37

  Building a Modern Web Stack for the Real-time Web

The web is evolving. After a few years of iteration the WebSockets spec is finally here (RFC 6455), and as of late 2011 both Chrome and Firefox are SPDY capable. These additions are much more than just "enhancing AJAX", as we now have true real-time communication in the browser: stream multiplexing, flow control, framing, and significant latency and performance improvements. Now, we just need to drag our "back office" - our web frontends, app servers, and everything in between into this cen...

   Web design,Real-time web,web stack     2012-02-15 05:54:41

  Should All Web Traffic Be Encrypted?

The prevalence of free, open WiFi has made it rather easy for a WiFi eavesdropper to steal your identity cookie for the websites you visit while you're connected to that WiFi access point. This is something I talked about in Breaking the Web's Cookie Jar. It's difficult to fix without making major changes to the web's infrastructure. In the year since I wrote that, a number of major websites have "solved" the WiFi eavesdropping problem by either making encrypted HTTPS web traffic an accou...

   Web traffic,Security,HTTPS,Encryption,Wifi     2012-02-24 05:02:58

  Update & Delete Kubernetes resources in one-line command

It recently troubles me that my GKE cluster is managing more and more resources and causing difficulties in maintenance, one of which involves how to delete resources properly. Next, I will explain step by step the difficulties I encountered in my work and how I finally used the combination of bash commands and kubectl to implement the edition of Kubernetes objects through one-line command. In general The following are the basic operations that almost every Kubernetes user takes. Check ...

   KUBERNETES     2020-11-01 04:16:47

  Cloud Computing’s most Basic Concepts-Service Models

With the containerization of Docker, Kubernetes, CNCF, and the development of open-source communities, related frameworks and technologies are booming and iterating rapidly. Cloud Computing, having been applied for many years, is pushing developers into the new technological era. Companies and developers who are not using or not planning to use Cloud-Native gradually feel tremendous pressure in keeping up with the technology trends. The first step is to understand the concepts of IaaS, PaaS, FaaS, SaaS, S...

   CLOUD,PAAS,IAAS,CONCEPT     2021-01-24 05:23:11

  SQL Injection through HTTP Headers

During vulnerability assessment or penetration testing, identifying the input vectors of the target application is a primordial step. Sometimes, when dealing with Web application testing, verification routines related to SQL injection flaw discovery are restricted to the GET and POST variables as the unique input vectors ever. What about other HTTP header parameters? Aren’t they potential input vectors for SQL injection attacks? How can one test all these HTTP parameters and whic...

   Code security,SQL injection,HTTP header     2012-04-05 11:42:04

  10 Questions with Facebook Research Engineer – Andrei Alexandrescu

Today we caught up with Andrei Alexandrescu for a “10 Question” interview. He is a Romanian-born research engineer at Facebook living in the US; you can contact him on his website erdani.com or @incomputable. We will talk about some of the juicy stuff that's going on at Facebook, so let’s get started. Hello Andrei, welcome on Server-Side Magazine. 1. Tell us a little bit about yourself. Who are you? Where and what do you work? Who am I? Ah, the coffee breath of one talki...

   C++,Facebook,PHP,Future,Machine learning     2012-02-06 08:08:12