SEARCH KEYWORD -- UNSAFE



  What can .htaccess file do?

A .htaccess file is a directory-level configuration file supported by several web servers, that allows for decentralized management of web server configuration. What can a .htaccess file do? We summarized some of them here.  Hope it may help you. 1. Timezone settingSometimes when you use date() or mktime() functions in PHP, , it may display some weird information because of the timezone difference. For example, one possible warning is :Warning: date(): It is not safe to rely on the syste...

   .htaccess,setting,tip     2012-06-15 06:39:39

  Web Security: In-Depth Explanation of X-XSS-Protection

What is X-XSS-Protection X-XSS-Protection is an HTTP response header designed to enable or configure built-in cross-site scripting (XSS) filters in certain versions of Internet Explorer, Chrome, and Safari. The purpose of these filters is to detect reflected XSS attacks in the response and prevent the loading of pages, thereby protecting users from such attacks. The X-XSS-Protection response header was initially introduced by Microsoft in Internet Explorer 8 to control the browser's XSS filter. ...

   X-XSS-PROTECTION,WEB SECURITY,CONTENT SECURITY POLICY,XSS,CSP     2023-11-29 01:48:40

  Why is single threaded Redis so fast

Redis is a high-performance, in-memory key-value database. According to official test reports, it can support around 100,000 QPS (queries per second) on a single machine. However, Redis uses a single-threaded architecture in its design. Why does Redis still have such high performance with a single-threaded design? Wouldn't it be better to use multiple threads for concurrent request processing? In this article, let's explore why Redis has a single-threaded architecture and still maintains its spe...

   REDIS,SINGLE-THREADED,MULTI-THREADING     2023-02-28 05:16:22

  bcrypt: Safeguarding Passwords with Strong Hashing and Adaptive Security

Introduction In today's digital world, passwords play a crucial role in protecting personal privacy and information security. Passwords are the most commonly used means of authentication because they are simple yet effective. Password security is the cornerstone of cybersecurity and plays a fundamental role in safeguarding the information security of individuals and organizations. However, with the increasing frequency and complexity of cyberattacks, traditional password hashing algorithms like ...

   BCRYPT,SECURITY     2023-11-15 08:14:35

  What is goroutine?

Casual Talk Golang is quite enjoyable to write, aside from the tedious if err != nil checks. One of the fundamental reasons for the joy is goroutine, a core feature of Golang. Understanding goroutines in detail is worthwhile, as they contribute significantly to the pleasure of working with Golang. So, let's talk about goroutines, hoping to provide some insights to the readers. TL;DR: We'll start by talking about assembling a computer, then delve into some concepts of the operating system, such ...

   EXPLANATION,GOLANG,GOROUTINE     2024-01-21 03:26:10

  Python Deserialization Attack Introduction: How to Build a Python Pickle Bomb

This article introduces an old and classic unsecured Python data serialization feature (the pickle library) and demonstrates how a red team attacker can exploit it to create a malicious binary or text data file that executes remote code or commands upon deserialization. The following attack flow diagram illustrates this process: We will follow 3 steps with the program code to show how Deserialization Attacks Work:   [ Step1 ] Crafting Malicious Data: An attacker crafts a malicious payloa...

       2024-07-07 03:08:22

  Popular Golang JSON libraries evaluation

JSON (Javascript Object Notation), a prevailing data exchange format, is widely used in various platforms and languages. Golang, of course, will never miss the support for JSON. And with its own standard library, such as those interfaces like the REST API from the API Service in Kubernetes, it can easily process JSON. Although Go’s library works great, we can still seek those open-source JSON libs in Github to maximize our efficiency. Then the features, performance, applicability of these ...

   FASTJSON,JSON LIB,JSON LIB COMPARISON,GO-JSON     2021-12-11 23:13:23

  Understand GoLang WaitGroup internals and how it works

Background Before getting into the main content, let me give a brief introduction to WaitGroup and its related background knowledge. Here, the focus is on the basic usage of WaitGroup and the fundamental knowledge of system semaphores. For those who are familiar with these, you can skip this section directly. WaitGroup WaitGroup is one of the most common concurrency control techniques in Golang, and its function can be roughly compared to the join() in concurrency control of other languages' mul...

   GOLANG,WAITGROUP,SOURCE CODE     2023-04-26 08:02:01