web

How many Australasian banks use HSTS?

pa href=https://developer.mozilla.org/docs/Security/HTTP_Strict_Transport_SecurityHTTP Strict Transport Security/a
is a simple mechanism that secure sites can use to protect their users
against an a href=http://www.thoughtcrime.org/software/sslstrip/sslstrip/a-style
HTTPS-to-HTTP downgrade attack./p

h1 id=Typical_attackTypical attack/h1

pThe typical HTTPS-to-HTTP downgrade attack looks like this:/p

ol
livictim connects to a compromised wifi access point/li
livictim connects to bank.com using attacker's DNS resolver/li
liattacker directs victim to a local server proxying the bank.com homepag

IndieAuth as a Persona Identity Provider

pTwo weeks ago, I attended a href=http://indiewebcamp.comIndie Web Camp/a and had lots of interesting
a href=https://login.persona.orgPersona/a conversations.

Web chat mozilla Québec (test)

Auteur: 
Fredy Rouge

Voici la proposition: Le chat, les mozilliens et le formulaire d’inscription a la liste de diffusion dans la page d’accueil, Il manque un banner pour annoncer les nouvelles et les posts de la planète mais maintenant mon centre est le chat.

proposition-chat-mozilla-quebec

Prefetching resources to prime the browser cache for the next page

pOne of the great ways to reduce the perceived load time of pages on your site is to prefetch resources that will be needed while users are busy reading or interacting with the current page./p

pThere are a few ways to ensure that the browser will already have a page in its cache when users visit them.

Prefetching resources to prime the browser cache for the next page

Auteur: 
François Marier

One of the great ways to reduce the perceived load time of pages on your site is to prefetch resources that will be needed while users are busy reading or interacting with the current page.

There are a few ways to ensure that the browser will already have a page in its cache when users visit them. In this particular case, I wanted improve the load time of the Persona dialog while users are busy looking at the third-party site they want to login into.

Revue du Web

Auteur: 
pie2r

Quelques projets anticorruption pour vous inspirer À l’approche du Hackathon « Hackons la corruption » des 10 et 11 novembre prochain, Québec ouvert a voulu rendre compte de certaines initiatives citoyennes existantes visant à lutter contre la corruption et qui utilisent des données ouvertes. Certaines de ces idées pourraient être reprises au Québec. [Lire l'article [...]

Blocked (queued) connections, keep-alive and content-length

Auteur: 
François Marier

While trying to add gzip compression to a custom node.js reverse proxy server through connect's compress middleware, I ran into a really strange problem: my browser would fetch the first 5 resources without problems, then it would stall for 2 minutes before gettting the next 5 resources, stall for another 2 minutes for the next five, and so on.

If I waited long enough, all of the resources would be loaded correctly and the page would look fine.

Blocked (queued) connections, keep-alive and content-length

pWhile trying to add gzip compression to a a href=https://github.com/lloyd/awsbox-proxy-servercustom node.js reverse proxy server/a through connect's a href=http://www.senchalabs.org/connect/compress.htmlcompress/a middleware, I ran into a really strange problem: my browser would fetch the first 5 resources without problems, then it would stall for 2 minutes before gettting the next 5 resources, stall for another 2 minutes for the next five, and so on./p

pIf I waited long enough, all of the resources would be loaded correctly and the page would look fine./p

pThis is what I saw in Firebug:/p

Syndiquer le contenu