SEARCH KEYWORD -- bypassed
Latest PHP patch cannot fix the bug
On Wednesday(2012-05-02), a remote code execution vulnerability in PHP was accidentally exposed to the Web, prompting fears that it may be used to target vulnerable websites on a massive scale. The bug itself was traced back to 2004, and came to light during a recent CTF competition.A CERT advisory on the flaw explains: “When PHP is used in a CGI-based setup (such as Apache's mod_cgid), the php-cgi receives a processed query string parameter as command line arguments which allows com...
HeartBleed: Should C be blamed for the HeartBleed bug?
There is a discussion about the security of applications written in C on Hacker News recently after the report of HeartBleed bug in OpenSSL. In this discussion, some people are saying that the applications written in C are unsafe. It seems all or most of the faults should be laid on C. I think this is biased. The language itself should not be blamed.Safety is a relative term for programming languages. No language is absolutely safe. We claim some languages like Java and C# are safer than C/C++ b...
C,HeartBleed,Analysis,Code review 2014-04-14 03:52:55
try { return } finally {}
Do you know what value will be printed when following program is ran? class Test { public int aaa() { int x = 1; try { return ++x; } catch (Exception e) { } finally { ++x; } return x; } public static void main(String[] args) { Test t = new Test(); int y = t.aaa(); System.out.println(y); } } And before answering the above question, do you have answers to following questions? If ther...
JAVA,JAVA INTERVIEW QUESTION 2016-09-26 08:06:28
A return to good code
Stop doing this:public boolean foo() { if (true) { return true; } else { return false; }}It always amazes me when I dig into an open source project, and I see code written by supposed experts, and reviewed by seasoned professionals, and nobody slaps the wrists of the developer who shoves return statements right in the middle of a method.Tell me, how hard is it to do this:public boolean foo() { boolean flag = true; ...
How can you test if your VPN is working properly?
Installing a VPN on your device is one of the essential steps you need to take in order to have a safe and pleasant online experience. It good functioning is in your best interest and this is why you need to make sure that your VPN is working properly. Unfortunately, a lot of problems can occur if it turns out that your VPN is not up to the task and that it has some leaks. Can a leak really occur? To answer you most directly – Yes! Yes, it can! Unfortunately, no system is perfect an...
VPN 2020-09-17 06:53:19
Web Security: In-Depth Explanation of X-XSS-Protection
What is X-XSS-Protection X-XSS-Protection is an HTTP response header designed to enable or configure built-in cross-site scripting (XSS) filters in certain versions of Internet Explorer, Chrome, and Safari. The purpose of these filters is to detect reflected XSS attacks in the response and prevent the loading of pages, thereby protecting users from such attacks. The X-XSS-Protection response header was initially introduced by Microsoft in Internet Explorer 8 to control the browser's XSS filter. ...
X-XSS-PROTECTION,WEB SECURITY,CONTENT SECURITY POLICY,XSS,CSP 2023-11-29 01:48:40
RECENT
- Oval engagement rings from MoonOcean: Elegance of form and individual approach
- Hologres vs AWS Redshift
- GoLand connect to Hologres
- A journey to investigate a goroutine leakage case
- Understanding Slice Behavior in Go
- Breaking Barriers: How 3D Printing is Democratizing Product Development
- The Power of Efficiency: 10 Practical Energy-Saving Tips for Tech Startups
- Connect to SQLite using Go on Windows
- Break down defer statements in GoLang
- Rust vs Go: how to choose the best programming language for your project?
- more>>