Today's Question:  What does your personal desk look like?        GIVE A SHOUT

SEARCH KEYWORD -- Web security

  SameSite attribute in cookie

Starting from Chrome 51, a new attribute SameSite has been introduced for browser cookie. This attribute is to prevent CSRF attack. Cookie is normally used to store data exchanged between client and server. It frequently stores user login information. If a malicious website can forge a HTTP request with the valid third party website cookie, it may be called a CSRF attack. For example, if a user logins to a bank website your-bank.com, the bank server responds a cookie: Set-Cookie:id=a3fWa; L...

   JAVASCRIPT,COOKIE,SAMESITE,CHROME,CSRF     2019-09-14 04:57:51

  Hadoop or Spark: Which One is Better?

What is Hadoop? Hadoop is one of the widely used Apache-based frameworks for big data analysis. It allows distributed processing of large data set over the computer clusters. Its scalable feature leverages the power of one to thousands of system for computing and storage purpose. A complete Hadoop framework comprised of various modules such as: Hadoop Yet Another Resource Negotiator (YARN MapReduce (Distributed processing engine) Hadoop Distributed File System (HDFS) Hadoop Common Thes...

   COMPARISON,HADOOP,SPARK     2018-11-22 07:08:57

  Essential skills any web developer should have

As a web developer, besides writing HTML code, there is much more to do before the site can go live. You may consider about user experience, device compatibility, security etc. To be a good web developer, you should acquire some essential skills for web development. Below we list some of them. Some of them you may be familiar with a long time ago, but definitely some of them you may not be so familiar with or even never hear about before. Interface and User Experience Be aware that browsers imp...

   Web development,User experience     2014-03-21 06:44:49

  HTML5 Video and DRM

Many people call HTML5 an Adobe Flash replacement and I agree. Adobe already discontinued Flash on mobile devices. So HTML5 Video is a must for video on mobile phones and tablets. On the desktop Flash Video players are used more than HTML5 Video players but HTML5 video will work with a current web browser on a site that supports HTML5 video. Commercial video sites like YouTube will play partnered content in Flash even if you turned on HTML5 video at http://www.youtub...

   HTML5 Video,Flash,DRM,Comparison     2012-02-05 07:18:23

  How to play with cross domain request

What is cross domain request In simple, cross domain request is to request resource from other domain in one domain. Note, the "other domain" doesn't just mean domain name only, it includes much more. If the protocol, domain name, port is not the same, two domains will be considered different.  Below example describes what is considered as different domain. http://www.a.com/a.jshttp://www.a.com/b.js               # Same domainhttp://www.a.com/lab/a.js &nb...

   FRONT END,JSONP,CROSS DOMAIN,CROSS ORIGIN,CORS,DOCUMENT.DOMAIN,WINDOW.NAME     2016-11-06 00:48:54

  HeartBleed: Should C be blamed for the HeartBleed bug?

There is a discussion about the security of applications written in C on Hacker News recently after the report of HeartBleed bug in OpenSSL. In this discussion, some people are saying that the applications written in C are unsafe. It seems all or most of the faults should be laid on C. I think this is biased. The language itself should not be blamed.Safety is a relative term for programming languages. No language is absolutely safe. We claim some languages like Java and C# are safer than C/C++ b...

   C,HeartBleed,Analysis,Code review     2014-04-14 03:52:55

  Backend-as-a-service?

As the list of *-as-a-service’s continues to grow, I thought I’d throw one into the mix. What about the idea of a backend-as-a-service (BaaS)? The recent surge of client side Javascript frameworks along with the attractiveness of simple RESTful APIs has created an environment where server-side interaction can be reduced to simply database interaction (including validation and some computation). But why stop there? What if the server-side of the equation was simply a RESTful, ...

   Web design,Backend,Service,BaaS,Client JavaScript     2011-12-29 09:07:38

  Nielsen : Google ranks No.1 web brand

Nielsen released the 2012 digital industry rankings report, The report said Google continued to rank No.1. for web brand From January 2012 to October 2012, the average monthly unique visitors reached 172 million. Followed by Facebook which has 153 million average monthly unique visitors. In 2012, the online video service continues to grow, YouTube is still the largest online video site, an average annual 132 million unique visitors. Top 10 U.S. Web Brands of 2012 For the details of other ranks ...

   Nielsen, Web brand,2012     2012-12-22 10:02:05

  Developing an eCommerce Website? Here are 4 Things to Keep in Mind

  When it comes to Web development, it is a complicated process. There is a plethora of facets to assess, from performance to user experience. As far as building an eCommerce site is concerned, it is quite a challenging task. Most of the users tend to visit the website in order to gather information about and purchase products. For this reason, a Web Application Development Company tries its best to make this process intuitive and effortless. Besides considering usability, there are some po...

       2015-12-22 05:28:33

  Microsoft Edge extension manifest v2 migration to v3

In June 2023, Microsoft Edge would not allow Edge extensions with manifest version before v3 to be listed on Microsoft web stores as v3 extensions add more security privacy related restrictions on some of the functions. Hence all extensions with manifest v2 must migrate to v3. In this post, we would show how we did the migration for one of our extensions and the changes made. There is a checklist provided by Microsoft Edge team on what needs to be updated so that the extension can stil...

   MICROSOFT EDGE,EXTENSION,MANIFEST V3     2022-10-01 02:54:47

RECENT