|
| DevCentral > Weblogs > - Two Different Socks
|
Firefox
There are 10 entries for the tag Firefox
 |
Somebody has to be first Recently Microsoft came up with a solution, supported natively in IE8, to protect against clickjacking attempts. Apparently some folks have decided that because Microsoft has a history of implementing proprietary solutions that this one, too, must be proprietary. These same folks must also have very little understanding of today’s web application architectures, as they declared the solution pretty much useless based on some pretty poor assumptions regarding the implementation of said solution. As noted in the Register, “some critics have contended the protection [X-FRAME-OPTIONS custom HTTP header] will be ineffective because...
posted @ Monday, June 29, 2009 3:15 AM |
|
|
But browser support is only half the solution, don’t forget to implement the server-side, too. Clickjacking, unlike more well-known (and understood) web application vulnerabilities, has been given scant amount of attention despite its risks and its usage. Earlier this year, for example, it was used as an attack on Twitter, but never really discussed as being a clickjacking attack. Maybe because aside from rewriting applications to prevent CSRF (adding nonces and validation of the same to every page) or adding framekillers there just haven’t been many other options to prevent the attack technique from being utilized against...
posted @ Tuesday, June 23, 2009 3:27 AM |
|
|
Over the years imaginative developers have come up with a number of ways through which they hope to stop the pilfering of their images. Whether due to copyright issues or the increased bandwidth and associated costs resulting from "hot linking", site owners have tried a variety of solutions from JavaScript that prevents the ability to right-click and "save as" to watermarking high-resolution versions to make their images less appealing to image thieves. Regardless of the reason you may want to prevent image theft, there's an easier and more effective method than introducing easily countered JavaScript and costly alternative...
posted @ Tuesday, October 21, 2008 3:31 AM |
|
|
After proclaiming very publicly that I loved HttpFox and everyone Related Posts should have it there were many comments regarding Firebug, including some that came via e-mail. I've used Firebug in the past, but hadn't really looked at it in comparison to HttpFox and thought that with so many people saying it was "all that and more" with regards to HttpFox, I should...
posted @ Friday, October 03, 2008 3:57 AM |
|
|
Whether you're a network architect, a web developer, or a web administrator there's one tool that's a must have in your troubleshooting toolbox: a protocol analyzer.
Like many network focused folks, I traditionally rely upon ethereal (now Wireshark) for protocol analysis. It decodes just about every protocol up and down the stack, and it can import/export to a variety of formats. But being connected to the corporate LAN via an SSL VPN, wireshark is often constrained by it's own architecture. Because it inserts itself into the network stack to gather data, it can't decrypt the SSL encrypted packets, which makes...
posted @ Friday, September 26, 2008 7:24 AM |
|
|
For those of you unfamiliar with the idiom, it should be taken to mean "benefiting one at the expense of another." In this case, Paul is the end-user and Peter is the server administrator. Or better yet, Paul is the browser and Peter is the server. All web browsers, including IE (Internet Explorer), impose a per-server connection limit was imposed to reduce overload on servers. This was introduced back when the web was exploding and browsers opened up connections willy-nilly and made server operators cry. Often. The limitation imposed by IE (two connections per host) was harsher...
posted @ Friday, September 05, 2008 4:19 AM |
|
|
Jeremiah Owyang, Senior Analyst, Social Computing, Forrester Research, tweeted recently on the subject of Chrome, Google's new open source browser. Jeremiah postulates: Chrome is a nod to the future, the address bar is really a search bar. URLs will be an anachronism. That's an interesting prediction, predicated on the ability of a browser translate search terms into destinations on the Internet. Farfetched? Not at all. After all, there already exists a layer of obfuscation between a URL and an Internet destination; one that translates host names into IP addresses,...
posted @ Thursday, September 04, 2008 4:52 AM |
|
|
Slashdot is discussing a recent rant regarding Mozilla FireFox 3's SSL policy regarding self-signed certificates. The rant claims that the policy is "bad for the web."
Nat Tuck Thu on Mozilla SSL policy bad for the Web
Mozilla Firefox 3 limits usable encrypted (SSL) web sites to those who are willing to pay money to one of their approved digital certificate vendors. This policy is bad for the web. Not only does it make users less secure overall by reducing the number of encrypted connections, it damages the basic principle of equality among web participants.
The problem...
posted @ Tuesday, August 05, 2008 10:59 AM |
|
|
Mozilla is planning to go for a Guinness World record for the most number of downloads within the first 24 hours of releasing Firefox 3, and are asking folks to pledge to download on release day. They are also suggesting download parties, following them on Twitter, and joining several groups they have create on MySpace, Facebook, and Bebo as part of the campaign to set the world record. Release is anticipated in June, so sign up soon! Imbibing: Water Technorati Tags: MacVittie,Firefox,Mozilla,world record,Guinness
posted @ Thursday, May 29, 2008 1:14 PM |
|
|
Matt Asay has an interesting post regarding the adoption of Firefox in the enterprise. According to a recent Forrester study, Firefox has garnered an 18% market share in that space in the US with an even larger share in Europe. Matt postulates that one of the drivers for adoption of Firefox is better performance. While he cites an evaluation of improved memory consumption as evidence of better performance, I'm willing to assert that it goes beyond simply memory consumption and into the realm of rendering speed and time to retrieve content. For example, modern browsers render content as it...
posted @ Tuesday, April 01, 2008 1:55 PM |
|
|
|
|
|
|
