Archive for the ‘JavaScript’ Category

Abusing the Cache: Tracking Users without Cookies

Friday, January 29th, 2010

I’ve been doing a little bit of research into ways to misuse browser history and cache and came across a very simple technique for tracking users without the need for cookies. Firstly, a demo. If you watch the HTTP requests you’ll see that there are no cookies being used.

(more…)

Posted in JavaScript, PHP, Programming | 15 Comments »

Windows Gadgets and Invalid Packages

Sunday, January 24th, 2010

I’ve recently upgraded to Windows 7 and decided to experiment with the in built gadgets. Windows gadgets are built on web technologies; each gadget is really just a couple of HTML pages glued together with JavaScript. This is good in principle but there are enough differences between the gadget environment and Internet Explorer to make testing difficult.

(more…)

Posted in JavaScript, Programming | No Comments »

Securing Your PHP Code – XSS

Saturday, April 5th, 2008

Today I’m going to start a three part series looking at security issues affecting web developers. The specifics apply to PHP developers, but the general concepts carry across all technologies.

Any significant website is going to consist of three core layers: the client side code (HTML and JavaScript), server code (PHP) and a storage layer (MySQL). As a developer you should be aware of the security implications of each layer of technology and how you can best secure your code.

(more…)

Posted in JavaScript, PHP, Programming | 5 Comments »