ALL


  Linux Kernel is replacing HTTP link with HTTPS

Linux kernel is in the process of replacing the HTTP links in its source code with HTTPS links. HTTPS is considered more secure than HTTP and can prevent lots of attacks like Man-In-The-Middle attack. Currently there are more than 150 patches submitted by Linux Kernel developers to replace these HTTP links. One thing to be noted is this replacement process is not a manual search and replace process. Indeed, some scripts are created to find out these links and try to find whether there is corresponding HTTPS link available and then do the replacement only if the HTTPS link works....

5,498 0       HTTP LINUX KERNEL HTTPS


  How to check whether a web page can be loaded in iframe

Sometimes you may want to load other website's page in your own website's iframe, but due to some security concerns, other website may have security configurations which prevent you from loading their pages into your iframe. In this case, if you try to load them, you would see a blank page or a text message telling that it's prohibited. Fortunately, you can detect this before you actually decide to load it.To prevent a page from being loaded by an iframe from other site, the response header sent to the browser will contain some options which denies the load. These response header opt...

36,646 2       SECURITY HTML IFRAME HTTP X-FRAME-OPTIONS CONTENT-SECURITY-POLICY


  Meta tag in HTML header

In server response, we can use response.setHeader() to set the meta information in header of a HTML page. The usage is response.setHeader(name,context);meta is used to simulate the response header of HTTP protocol in HTML page. It should be put between the <head> and </head> tag.1. <meta name="Generator" content="" > <!--This is to specify the tool which generates this page such as Microsoft FrontPage 4.0 etc -->2. <meta name="keywords" content=""> <!-- To tell the search engine what keywords your page contains -->3.<meta name="description" content="">...

58,569 0       HTTP META HTML HEAD


  Some useful Linux commands for teamwork

A small development team in the intranet will frequently transfer codes, share files. Here are some command we use frequently to release some of our work. They are not applicable to Windows users.1. Output program execution output through GTalk.Sometimes we may need to send the program execution result and log to teammates for debugging using IM. These outputs are very troublesome to copy and send while in command line mode. So we could have a program called gpipe.py which can put GTalk as a pipe after one program. For example:make 2>&1 | gpipe tinyfoolWith this line, The GTalk client o...

2,558 0       LINUX HTTP NFS GTALK


  Output a file with HTTP range header in PHP

When downloading a large file, we may encounter some network issues which causes download termination and only part of the file is downloaded. When the network connection resumes next time, we may need to redownload the file again from the beginning. In order to save bandwidth, http provides a Range parameter in its header which can control the file transfer flow. With the range parameter in the header, we can resume the download from where we stop.Here is a piece of PHP code snippet which uses the range header to control which part of the file to transfer: <?php $filename=$_GET['fi...

29,958 3       PHP HTTP RANGE FILE TRANSFER


  HTTP is not a transport protocol, HTTP is not RPC

Recently there was a question on the forums asking why we encourage usage of HttpRequestMessage<T> / HttpResponseMessage<T> in the signature of a web api implementation. The point made in the post is that if you have an ICalculator contract which your API implements, then it’s violating SOC / inappropriate to have those messages as params and in the contract. The argument is valid when looking at HTTP from the standpoint of an RPC mechanism, which is actually a quite common view.Not of the HTTP authors though. If you read Roy Fielding’s dissertation you will see very ...

2,822 0       HTTP TRANSPORT PROTOCOL RPC


  Circumventing browser connection limits for fun and profit

A few days ago, this video hosted by metacafe popped up on digg, explaining how to increase site download times by tweaking your browser settings to increase connection parallelism. To explain why this works, let’s step back a bit to discuss how browsers manage server connections.In building any application, developers are often required to make ‘utilitarian’ choices. Pretentiously paraphrasing Jeremy Bentham, ‘utilitarian’ describes an approach that ‘does the greatest good for the greatest number.’ Many times, sacrifices in performance are made...

3,923 0       HTTP CONCURRENT CONNECTION LIMIT SOLUTION AJAX