SEARCH KEYWORD -- X-XSS-PROTECTION
Web Security: In-Depth Explanation of X-XSS-Protection
What is X-XSS-Protection X-XSS-Protection is an HTTP response header designed to enable or configure built-in cross-site scripting (XSS) filters in certain versions of Internet Explorer, Chrome, and Safari. The purpose of these filters is to detect reflected XSS attacks in the response and prevent the loading of pages, thereby protecting users from such attacks. The X-XSS-Protection response header was initially introduced by Microsoft in Internet Explorer 8 to control the browser's XSS filter. ...
X-XSS-PROTECTION,WEB SECURITY,CONTENT SECURITY POLICY,XSS,CSP 2023-11-29 01:48:40
How to check whether a web page can be loaded in iframe
Sometimes you may want to load other website's page in your own website's iframe, but due to some security concerns, other website may have security configurations which prevent you from loading their pages into your iframe. In this case, if you try to load them, you would see a blank page or a text message telling that it's prohibited. Fortunately, you can detect this before you actually decide to load it. To prevent a page from being loaded by an iframe from other site, the response ...
HTTP,HTML,IFRAME,SECURITY,X-FRAME-OPTIONS,CONTENT-SECURITY-POLICY 2018-07-27 22:36:02
Useful functions to provide secure PHP application
Security is a very important aspect of programming. There are many functions or modules in any kind of real programming language providing security functionalities In modern websites, we may often get inputs form users all around the world.There is a famous saying which says that never trust user input. So in web programming languages, we will often see functions which will guarantee the security of the data input from users. Today we will cover some of these functions in the most famous o...
PHP,security,SQL Injection,XSS,AJAX 2014-10-30 04:21:59
Access control in Java -- Permission check order
Previously we showed you how to turn on SecurityManager in Java. After SecurityManager is turned on, a series of permission checks will be applied on the code you are calling in your application to protect some resources against malicious access such as files, sockets etc. To perform these permission checks, a set of Permissions will be created and checked using the AccessController. The AccessController has three purposes : To decide whether an access to a critical system resource is to be all...
JAVA,SECURITY,ACCESSCONTROLLER 2016-03-07 04:17:40
Some hidden XSS injection vulnerabilities
XSS injection refers to a Web page generates some unexpected executable js codes based on user input and these executable codes are executed by web browser,i.e, the source code sent to web browser by the server contains some illegal js codes, and these illegal js codes are related to user's input. Common XSS injection vulnerabilities can be fixed with some functions such as htmlspecialchars(escaping HTML special characters) and strip_tags() or similar, but there are some hidden XSS injecti...
XSS,PHP,Security,Code,JavaScript 2012-08-27 20:32:08
Three Simple Ways to Improve the Security of Your Web App
It seems like web app security has entered the public conscious recently, probably as a result of the press covering the activities of groups like Anonymous and incidents like security breaches at several CAs. Here are a couple of quick security tips to improve the security of your web apps. Think of these as low-hanging fruit, not as a substitute for thorough analysis of your app’s security. If there’s interest in this topic we can do more posts, too - let us know in the com...
Web app,Security,X-FRAME-OPTIONS,SSL 2011-12-08 10:10:20
Access control in Java -- doPrivileged
Previously we have introduced how Java performs permission check to protect resource access. What if sometimes we need to give some class the temporary access to some resource which it initially doesn't have? AccessController provides six doPrivileged methods to fulfill this requirement. These six methods have below signatures : static T doPrivileged(PrivilegedAction action)static T doPrivileged(PrivilegedAction action, AccessControlContext context)static T doPrivileged(PrivilegedExceptionA...
JAVA,SECURITY,DOPRIVILEGED 2016-03-08 05:46:42
8 very useful and free web security testing tools
With more pervasive of web applications, web security threats are becoming increasingly prominent. Hackers gain web server control by exploiting web server vulnerabilities and SQL injection vulnerabilities, then they may tamper with web content, or steal important internal data, the more serious is to inject malicious code into web pages to affect visitors of websites. Attention is gradually warming up to Web Application Security. Here we recommend eight very useful and free web security testing...
Website, security,Web security,Attack 2012-07-22 10:59:09
ASP.NET 4 Breaking Changes #1: requestValidationMode cause ValidateRequest=False to fail
The request validation feature in ASP.NET provides a certain level of default protection against cross-site scripting (XSS) attacks. In previous versions of ASP.NET, request validation was enabled by default. However, it applied only to ASP.NET pages (.aspx files and their class files) and only when those pages were executing.In ASP.NET 4, by default, request validation is enabled for all requests, because it is enabled before the BeginRequest phase of an HTTP request. As a result, request valid...
ASP.NET,Html content,Error,ValidateRequest,requestValidationMode 2011-11-07 13:50:29
How to password protect a Winzip file
Winzip files are great ways of sharing documents and images of large sizes over the web or through email, since their reduced size makes it possible for them to be sent and received. Also, it is easier to manage one attachment than multiple. But what if the file contains sensitive information you don’t want snoopers to see? Simply add a password protection in Winzip. Adding a password will ensure more security and reliability of the transported files. How to add a Password to your Zip Fil...
DATA SECURITY,WINZIP 2019-08-29 11:42:41
RECENT
- Tips for Socializing With Friends During College
- Proximity Cards Do More Than Just Open Doors
- How to choose quality painted auto parts
- Oval engagement rings from MoonOcean: Elegance of form and individual approach
- Hologres vs AWS Redshift
- GoLand connect to Hologres
- A journey to investigate a goroutine leakage case
- Understanding Slice Behavior in Go
- Breaking Barriers: How 3D Printing is Democratizing Product Development
- The Power of Efficiency: 10 Practical Energy-Saving Tips for Tech Startups
- more>>