Tag Archives: HTTP Header

wordpress HTTP and header related tickets

I’ve done some massive HTTP stuff lately which included a full re-read of some (all?) HTTP releated RFCs – some of them I first studied years ago. It’s not that simple as it was back those years, but it’s good … Continue reading

Posted in Hacking The Core, Pressed, Surviving the Internet | Tagged , , , , , , , , | 2 Comments

HTTP/HTML: Missing HTTP-Body/HTML on Redirect

This bothers me often: unfriendly redirects.

Posted in Code Smells, Hacking The Core, Surviving the Internet | Tagged , , , , , , , | Leave a comment

Prevent XSS on your wordpress Blog with CSP

CSP – short for Content Security Policy – is a Mozilla driven specification to reduce or eliminate a site’s XSS attack surface. In Ticket #10237 Denis De Bernardy suggested to implement the new Mozilla feature to prevent XSS. That was … Continue reading

Posted in Hacking The Core, Hakre's Tips, Patched, Plugin Plugout | Tagged , , , , , , , , , , , , , | 1 Comment

Control your site’s usage in frames

A nice way to improve your website against click-jacking and framing is now available for Internet Explorer 8, Safari 4 or Chrome 2. And for Firefox users who are using the No-Script plugin. You as web-developer only need to add … Continue reading

Posted in Hakre's Tips, Surviving the Internet | Tagged , , , , , , , | 1 Comment