SEARCH KEYWORD -- CONTENT SECURITY POLICY



  An experience on fixing HTTP 406 Not Acceptable error

This post is about an experience of mine on fixing a HTTP 406 Not Acceptable error seen on one of my page. Just got back from a business trip and opened my computer as usual to start to monitor my website statistics. But when I opened the page on showing real time page views, it shows nothing but zero. So I pressed F12 to bring up the developer tool to check on what's going on. The logic of loading the real time page view is backed by AJAX call. In the developer tool console, I see that the rAJA...

   PHP,AJAX,HTML,HTTP 406,CONTENT-TYPE     2019-03-30 04:09:10

  Chrome to block mixed content downloads in version 86

Google has announced its plan to block mixed content downloads in Chrome in February 2020 and now the day to block mixed content downloads is coming soon as we are nearing October when Chrome 86 is supposed to be released. What is mixed content downloads? According to Google, it is non-HTTPS downloads started on secure pages. For example, if you access a page called https://example.com/download, and in this page, there is a download link to http://download.example.com/something, ...

   CHROME,MIXED CONTENT DOWNLOADS     2020-09-18 21:10:53

  Windows Security Improvements

Traenk is still upset by his recent dive into Windows security.  So much more was promised when the merger of Windows 9x and NT lines was announced, so long ago. I honestly expected better.Long ago, Microsoft announced that it would merge the then NT and Windows 9x lines of products.  Wow!  That means a file access control system, logging, different accounts and filespaces for accounts!  Finally!  We would have a secure version of Windows for our homes!And we do hav...

   Windows,Security,Improvement,Windows NT     2011-09-02 11:54:50

  Taking Precautions to Avoid Shady VPN Providers

VPNs or virtual private networks are virtual tunnels that obscure your IP address, routing your internet traffic through a server located in a country of your choice, in an encrypted and anonymous way. Using a VPN allows you to: secure your sensitive data from hackers obscure the IP address so you can see content not available in your country avoid websites you routinely surf (e.g., Facebook) noticing a different IP address when you are traveling, and asking you to verify your identity bypass t...

   VPN,NETWORKING     2019-02-19 07:26:26

  8 very useful and free web security testing tools

With more pervasive of web applications, web security threats are becoming increasingly prominent. Hackers gain web server control by exploiting web server vulnerabilities and SQL injection vulnerabilities, then they may tamper with web content, or steal important internal data, the more serious is to inject malicious code into web pages to affect visitors of websites. Attention is gradually warming up to Web Application Security. Here we recommend eight very useful and free web security testing...

   Website, security,Web security,Attack     2012-07-22 10:59:09

  A mini guide to HTTP referer

In HTTP header, there is a field named Referer which is to provide the referrer of the current accessed page. In this post, we will introduce the usage of HTTP referer field. On the web, when a user visits a webpage, s/he must be from some place. This place is usually referred a s referer. This information is very important to some website operators and server owners as they want to know where they get the traffic from and this helps them provide better service for potential targeted users. In t...

   HTML,HTTP REFERER,REFERRERPOLICY     2019-06-29 02:23:25

  Severe SSL 3.0 vulnerability to be released

According to The Register, another severe security vulnerability has been found in the widely used SSL v3 protocol. Until now, it's still in patch phase and the details of this vulnerability is expected to be released today. There are a few widely impacted security vulnerabilities revealed this year and they bring people's attention to the long existing security concerns. Previously, we have seen the HeartBleed issue and also the recently ShellShock issue. Both of them occur in popular libraries...

   SSL,Security vulnerability, The Register     2014-10-14 22:22:39

  Marissa Mayer brings 2nd Googler to Yahoo

A week ago, Anne Espiritu who was responsible for Google's public relations before leaving Google joined Yahoo, she became the first Googler Mayer brought to Yahoo. According to CNBC's Jon Fortt on Twitter, Google's former project manager Patricia Moll Kriese also left Google, formally joined Yahoo! as Senior Director of Yahoo's corporate projects.Although this news has not been confirmed by both companies, Patricia Moll Kriese's personal page on LinkedIn revealed that she left Google in August,...

   Yahoo,Marissa Mayer,Googler     2012-08-10 13:38:15

  Is Shared Hosting Secure?

Shared hosting is incredibly popular with users who are looking for the cheapest hosting available – the problem is that along with the low price you get poor performance and even more concerning – questionable security. When running on a shared host dozens if not hundreds of other sites are running on the same servers – this means any single security flaw in any of those applications can compromise the entire server. This  dramatically increases the odds of your ...

   Shared hosting,Virtual host,Security,Data security     2012-02-14 10:48:59

  Chrome to provide native image lazyload support

Previously we have introduced how Medium achieved loading images lazily, basically what they did was using lots of HTML tags and CSSs to change the images at different stage. It needs lots of code to do this. With the high demand of this feature for resource consumption and performance consideration, Chrome is now working on a feature to provide native support for loading images/iframes lazily. This feature is named lazyload. lazyload will allow three values: auto: the default behavior of ...

   CHROME,LAZYLOAD,IMAGE,IFRAME     2018-09-22 23:04:35