Outer Web | Explore

Explore >> Select a destination

You are here		www.sjoerdlangkemper.nl Cross site request forgery (CSRF)
\|	\|	smagin.fyi Cross-Site Requests \| SMAGIN	2.1 parsecs away Travel
\|	\|	Why do we have both CSRF protection and CORS?	2.1 parsecs away Travel
\|	\|	statuscode.ch Security and Nextcloud 9 - Lukas' Random Thoughts	1.6 parsecs away Travel
\|	\|	We're constantly working on adding more security features and hardenings to Nextcloud, after all it's your data and it has to be protected properly. While the Nextcloud 9 release fixes a critical security issue (we have informed upstream about this but in the meanwhile recommend upgrading as soon as possible) it also adds another new...	1.6 parsecs away Travel
\|	\|	www.michalspacek.com Stealing session ids with phpinfo() and how to stopit \| Michal ?pa?ek	4.1 parsecs away Travel
\|	\|	Stealing session ids from phpinfo() output has been a known technique for some time, and is used to bypass the HttpOnly attribute, which prohibits JavaScript from accessing a cookie marked as such (e.g. PHPSESSID). Ijust now thought of a solution that allows you to keep your phpinfo(): we'll simply censor the sensitive data, making phpinfo() lose some of its value to the attacker.	4.1 parsecs away Travel
\|	\|	stefanbohacek.com humans.txt \| Stefan Bohacek	23.7 parsecs away Travel
\|		[AI summary] A blog post discussing humans.txt, easter eggs, and reflections on the evolution of the internet and online communities.	23.7 parsecs away Travel