http://www.bram.us/comments/feed/
Comments for Bram.us



A rather geeky/technical weblog by Bram(us) Van Damme, est. 2001



Last Build Date: Fri, 23 Feb 2018 15:08:13 +0000

 



Comment on CSS Keylogger (and why you shouldn’t worry about it) by Matt Zeunert

Fri, 23 Feb 2018 15:08:13 +0000

You can create an infinite CSS @import chain (by stalling the server response until the server wants to push new styles to the client). That means you can probe any text input or JS-connected password fields for the exact value. If there's no JS that updates the value property of your password field I still don't see a way of detecting that though.



Comment on SecurityHeaders.com by scorp13

Fri, 23 Feb 2018 12:31:21 +0000

Decided to sort out my server's settings. The biggest problem turned out to be the Content-Security-Policy header — a difficult choice between security and the convenience of using third-party libraries.



Comment on CSS Keylogger (and why you shouldn’t worry about it) by Robin Jacobs

Thu, 22 Feb 2018 10:27:50 +0000

Unless you use two way binding in something like React/Angular... :)



Comment on React Native and iPhone X: by Bramus!

Thu, 22 Feb 2018 08:49:04 +0000

Must say I do see some use cases. Here's a screenshot of an app I made. If the map were to be cut off that'd be a whole different effect.

(image)




Comment on Fixing the “Connect to iTunes to use Push Notifications” alert in iOS 7.0.3 by Jerry

Thu, 22 Feb 2018 01:29:25 +0000

Worked for me, iPhone 5. Thank you.



Comment on React Native and iPhone X: by React Native and iPhone X: - ReactJS News

Wed, 21 Feb 2018 19:17:06 +0000

[…] React Native and iPhone X: […]



Comment on React Native and iPhone X: by Šime Vidas

Wed, 21 Feb 2018 15:22:29 +0000

Sorry, I wasn’t clear. Yes, the example on the left iPhone in the image. I can see why it makes sense to allow content to go underneath the bar at the bottom of the screen, but not at the top of the screen, since it contains the status bar that is already full, so there’s no room for the app’s content anyway.



Comment on CSS Keylogger (and why you shouldn’t worry about it) by Easily set Content Security Policy headers in Laravel with laravel-csp | Bram.us

Wed, 21 Feb 2018 15:10:33 +0000

[…] Bram.us A rather geeky/technical weblog by Bram(us) Van Damme, est. 2001 — Follow this blog via RSS, Twitter, or Facebook ← CSS Keylogger (and why you shouldn’t worry about it) […]






Comment on Content Security Policy — Preventing XSS Attacks Client-side by CSS Keylogger (and why you shouldn’t worry about it) | Bram.us

Wed, 21 Feb 2018 13:23:53 +0000

[…] Above that you can easily prevent it by setting the proper Content Security Policy. […]