SEARCH KEYWORD -- AVALANCHE EFFECT
SameSite attribute in cookie
Starting from Chrome 51, a new attribute, SameSite, has been introduced for browser cookies. This attribute is meant to prevent CSRF attacks. Cookies are normally used to store data exchanged between client and server, and they frequently store user login information. If a malicious website can forge an HTTP request that carries a valid cookie for a third-party website, that may be called a CSRF attack. For example, if a user logs in to a bank website your-bank.com, the bank server responds with a cookie: Set-Cookie:id=a3fWa; L...
JAVASCRIPT,COOKIE,SAMESITE,CHROME,CSRF 2019-09-14 04:57:51
Rebirth of Microsoft?
Judged only by its design and products, Microsoft may look like an old giant in ongoing decline: IE's browser market share continues to drop, the PC market that Windows depends on continues to shrink while the tablet market expands rapidly, Windows Mobile and Windows Phone are not performing well, and even CEO Steve Ballmer is often ridiculed and accused. All these seem to indicate that Microsoft's golden era is over. But on the other hand, while its net profit for the past two years has ...
Web Security: In-Depth Explanation of X-XSS-Protection
What is X-XSS-Protection X-XSS-Protection is an HTTP response header designed to enable or configure built-in cross-site scripting (XSS) filters in certain versions of Internet Explorer, Chrome, and Safari. The purpose of these filters is to detect reflected XSS attacks in the response and prevent the loading of pages, thereby protecting users from such attacks. The X-XSS-Protection response header was initially introduced by Microsoft in Internet Explorer 8 to control the browser's XSS filter. ...
X-XSS-PROTECTION,WEB SECURITY,CONTENT SECURITY POLICY,XSS,CSP 2023-11-29 01:48:40
Strict mode in JavaScript
1. Introduction In addition to normal mode, ECMAScript 5 includes another mode: strict mode. It makes JavaScript code execute in a stricter environment. The purposes of strict mode are: Remove some unreasonable and parts of JavaScript syntax. Reduce some of the quirky behaviors. Remove some insecure parts of code execution. Make the execution environment more secure. Improve interpreter efficiency and increase the execution speed. Build foundation for future JavaScript versi...
JavaScript, Strict mode. Introduction 2013-01-17 05:00:26
It makes nothing but sense...Mobile Payment...
Chinese New Year is around the corner, and every place in China and lots of places in the world have been in CNY mode. People are rushing out to get all the stuff ready to welcome New Year's Eve and the Spring Festival. I also packed my stuff and flew back to my hometown in China to enjoy the great moment of staying with family and hanging out with friends whom I haven't seen for almost one year. I am excited... However, the first thing that stunned me was not my friends but the mobile payment s...
CHINA,WECHAT PAY,ALIPAY,MOBILE PAYMENT 2018-02-12 00:07:46
JavaScript programming style
Douglas Crockford is a JavaScript expert and the inventor of JSON. In November 2011 he made a speech "Youtube"; during the speech he talked about what JavaScript programming style is. I recommend this speech to everyone: it not only helps you learn JavaScript but is also enjoyable, because Crockford is very humorous and he made the audience laugh frequently. Next I will summarize JavaScript programming style according to this speech and his article code convention. The so-called programming ...
JavaScript, programming style,Curly braces,Equal 2015-10-14 10:16:44
GoLang Interview Questions
Below lists some frequently asked GoLang interview questions and their corresponding answers based on the author's experience. The list is updated frequently with new understandings. Stay tuned. What is the GMP model of GoLang? GoLang uses goroutine to achieve concurrency and it is famous for high concurrency support as the language defines its own goroutine dispatching and processing system which is well known as GMP model. How it works is that M is normally defined as the OS thread being spawn...
MEMORY,CONCURRENCY,INTERVIEW QUESTION,GOLANG 2024-05-25 03:08:18
Cybersecurity | The New Dangers That Lurk Online and Their Solutions
Data is one of the most important things to us. While robbers that steal valuables like laptops, phones, or money are still a threat, cybercrimes are also more dangerous than ever. That’s because your data is far more valuable than you might think. Companies benefit from users’ data by applying it for their indexing, marketing, and accumulation needs. They actively use this information to sell you more products. Have you ever visited Amazon and instantly got a ...
DATA SECURITY,VPN 2020-04-23 06:47:37
Understand GoLang WaitGroup internals and how it works
Background Before getting into the main content, let me give a brief introduction to WaitGroup and its related background knowledge. Here, the focus is on the basic usage of WaitGroup and the fundamental knowledge of system semaphores. For those who are familiar with these, you can skip this section directly. WaitGroup WaitGroup is one of the most common concurrency control techniques in Golang, and its function can be roughly compared to the join() in concurrency control of other languages' mul...
GOLANG,WAITGROUP,SOURCE CODE 2023-04-26 08:02:01
Best practices of front end optimization
1. Use DocumentFragment or innerHTML to replace complex elements insertion DOM operation on browser is expensive. Although browser performance is improved much, multiple DOM elements insertion is still expensive and will affect the page load speed. Assume we have an ul element on our page, we now want to retrieve a JSON list using AJAX and then update the ul using JavaScript. Usually we may write it as : var list = document.querySelector('ul'); ajaxResult.items.forEach(function(item) { // ...
JavaScript,Front end,Optimization,Tips 2013-07-06 11:26:27