SEARCH KEYWORD -- code security
Microsoft Edge extension manifest v2 migration to v3
In June 2023, Microsoft Edge would not allow Edge extensions with manifest version before v3 to be listed on Microsoft web stores as v3 extensions add more security privacy related restrictions on some of the functions. Hence all extensions with manifest v2 must migrate to v3. In this post, we would show how we did the migration for one of our extensions and the changes made. There is a checklist provided by Microsoft Edge team on what needs to be updated so that the extension can stil...
MICROSOFT EDGE,EXTENSION,MANIFEST V3 2022-10-01 02:54:47
Three Simple Ways to Improve the Security of Your Web App
It seems like web app security has entered the public conscious recently, probably as a result of the press covering the activities of groups like Anonymous and incidents like security breaches at several CAs. Here are a couple of quick security tips to improve the security of your web apps. Think of these as low-hanging fruit, not as a substitute for thorough analysis of your app’s security. If there’s interest in this topic we can do more posts, too - let us know in the com...
Web app,Security,X-FRAME-OPTIONS,SSL 2011-12-08 10:10:20
JavaScript to open link in new window without being popup blocked
To ensure security and reduce spamming, modern browsers have implemented very strict rules on when a new window can be opened in a web page. Currently browsers restrict that any new web page to be opened in a new window must be initiated with an user action. The action is usually an user click event. Otherwise, a popup blocker would show on the browser address bar which indicates that something is blocked. To workaround this issue, normally you should implement the window open logic in a click e...
JAVASCRIPT,IFRAME,NEW WINDOW,OPEN LINK 2018-09-22 04:29:30
Chrome extension manifest v2 migration to v3
In 2023, Google would not allow Chrome extensions with manifest version before v3 to be listed on Chrome web stores as v3 extensions add more security privacy related restrictions on some of the functions. Hence all extensions with manifest v2 must migrate to v3. In this post, we would show how we did the migration for one of our extensions and the changes made. There is a checklist provided by Chrome team on what needs to be updated so that the extension can still work in v3. It can be checked ...
CHROME EXTENSION,MANIFEST V3,MIGRATION 2022-09-24 10:44:54
A serious security vulnerability found in MySQL/MariaDB
Recently a serious security vulnerability was found in MySQL/MariaDB. It relates to the access to the database. The issue is described below.When a user connects to MariaDB/MySQL, a token (SHA over a password and a random scramble string) is calculated and compared with the expected value. Because of incorrect casting, it might've happened that the token and the expected value were considered equal, even if the memcmp() returned a non-zero value. In this case MySQL/MariaDB would think that the p...
HTML Site vs. WordPress Theme: Which one is better?
Are you looking for a perfect platform to set up your website? Then, there might be a close competition between the simple HTML and the WordPress platform. In this blog post, we will try to explore some points that will help you in making the right decision. Let us overview at some advantages grasped by HTML and WordPress. 1. Security of a website It has been discovered that the website running on WordPress is more vulnerable to security threats and hackers. As we know, WordPress is open source...
WORDPRESS,WORDPRESS BENEFITS,HTML TO WP CONVERSION,HTML TO WORDPRESS,HTML WEBSITE 2015-10-24 07:36:54
Signature sign/verification demo in Java
Digital signature is commonly used in areas where data authentication and integrity are required. It is extremely important to have signature while transferring sensitive data from one peer to other peers through network since there might be malicious applications or man-in-the-middle attacks which may alter the data along the way. Java provides some APIs to generate and verify digital signature. One important class is Signature. When generating the signature, a private key needs to be pa...
Generate certificate in Java -- Self signed certificate
This is the first post in this series which I will show you how to generate SSL certificate in Java programmatically. Certificates are frequently used in SSL communication which requires the authentication of server to client. This is to make the client to trust that the server is actually the one it claims. Certificates are really important on the Internet. All HTTPS communications on the Internet need the server side to present their certificates signed by trusted CAs. The basic flow of a requ...
Java,Certificate,X509 2014-07-30 07:42:18
Send email using PHPMailer on GoDaddy hosting
According to PHPMailer troubleshooting guide, GoDaddy has a very strict rule on sending email using PHPMailer. Popular US hosting provider GoDaddy imposes very strict (to the point of becoming almost useless) constraints on sending an email. They block outbound SMTP to ports 25, 465 and 587 to all servers except their own. This problem is the subject of many frustrating questions on Stack Overflow. If you find your script works on your local machine, but not when you upload it to GoDaddy, ...
Top 10 PHP Best Security Practices for Sys Admins
PHP is widely used for various of web development. However, misconfigured server-side scripting would create all sorts of problem. And here are php security best practices that you should aware when configuring PHP securely. Nowadays most of the web servers are operated under Linux environment (like: Ubuntu, Debian...etc). Hence, in the following article, I am going to use list top 10 ways to enhance PHP Security Best Practices under Linux environment. My sample setup for PHP Security Tips: D...
PHP,code security,System admin,Advice,Best practice 2012-02-01 00:04:37
RECENT
- Tips for Socializing With Friends During College
- Proximity Cards Do More Than Just Open Doors
- How to choose quality painted auto parts
- Oval engagement rings from MoonOcean: Elegance of form and individual approach
- Hologres vs AWS Redshift
- GoLand connect to Hologres
- A journey to investigate a goroutine leakage case
- Understanding Slice Behavior in Go
- Breaking Barriers: How 3D Printing is Democratizing Product Development
- The Power of Efficiency: 10 Practical Energy-Saving Tips for Tech Startups
- more>>
