Tag Archives: Header

HEAD first with PHP Streams

PHP has a built-in function called get_headers that will return the response headers. But it has some downsides, like requesting the whole response (and not only the HEAD) and it’s hard to control behaviour for redirects. On Stackoverflow some users … Continue reading

Posted in Hakre's Tips, PHP Development, Pressed | Tagged , , , , , , , | 1 Comment

getallheaders available for FASTCGI in PHP 5.4

Good news. PHP 5.4 – according to docs – will support the “apache alias” getallheaders(). That means, you can get all header values of the request w/o fiddling any longer with server configuration. N1. Read On: What new feature in … Continue reading

Posted in Linked, PHP Development, Pressed | Tagged , , , , , , , | 5 Comments

HTTP Redirect Codes (3xx) and the Location Field

Over the last days some including me have opened tickets in wordpress trac touching the HTTP transport layer and redirection in specific. As with my previous HTTP related review of worpdress, this is getting more and more interesting and detailed … Continue reading

Posted in Hacking The Core, Pressed | Tagged , , , , , , , , , | 1 Comment

wordpress HTTP and header related tickets

I’ve done some massive HTTP stuff lately which included a full re-read of some (all?) HTTP releated RFCs – some of them I first studied years ago. It’s not that simple as it was back those years, but it’s good … Continue reading

Posted in Hacking The Core, Pressed, Surviving the Internet | Tagged , , , , , , , , | 2 Comments

wordpress File Headers

Yesterday I’ve spend some of my brains electrons on file headers which, next to a new ticket (#13699), led to some documentation in codex.

Posted in Hacking The Core | Tagged , , , , , | Leave a comment

Prevent XSS on your wordpress Blog with CSP

CSP – short for Content Security Policy – is a Mozilla driven specification to reduce or eliminate a site’s XSS attack surface. In Ticket #10237 Denis De Bernardy suggested to implement the new Mozilla feature to prevent XSS. That was … Continue reading

Posted in Hacking The Core, Hakre's Tips, Patched, Plugin Plugout | Tagged , , , , , , , , , , , , , | 1 Comment

Control your site’s usage in frames

A nice way to improve your website against click-jacking and framing is now available for Internet Explorer 8, Safari 4 or Chrome 2. And for Firefox users who are using the No-Script plugin. You as web-developer only need to add … Continue reading

Posted in Hakre's Tips, Surviving the Internet | Tagged , , , , , , , | 1 Comment