Category Archives: Security

HTML 5 Storage is better, but cookies aren’t gone yet

HTML 5 Storage is a promising addition to the web developer's arsenal. However, its name is confusing to many novices because it implies a connection with HTML markup itself. HTML 5 Storage may be part of the HTML 5 specification, … more …

Base 64 encoding the web

There are uses for Base 64 encoding that extend beyond converting binary data to ASCII strings. Base 64 encoding doesn't require an encryption key and it is supported in virtually every language, making it very useful in certain cases. more …

Offensive error handling in web development

A typical error handling practice is to wrap a piece of suspect code in a "try" block, and present a warm and fuzzy message in the "catch" block. But, after a user has seen that warm and fuzzy message a … more …

Using barricades for a more robust website

You hear the term robust thrown around loosely. "Hey Bob, that new app is gonna be robust, right?" "Oh yeah Steve, I'm all over that robustness." But how many people really understand what they're promising? I certainly didn't use to. … more …

One-Liners to Improve Server Security

I'm a web developer, that's what I do, and I love it. But the unfortunate side of offering web development services is that you usually need to offer a place for your clients' web offerings to live – a web … more …

CAPTCHAs – security, fun and promotion

The CAPTCHA (Completely Automated Public Turing Test To Tell Computers and Humans Apart) has been evolving in recent years in an attempt to close in on two primary goals: stay ahead of smart robots; avoid unnecessary mental strain on the user … more …

Website security scanner – try it – you never know

In my case, I didn't know. Well, to be 100% accurate, I did find out that one of my clients fell victim to a WordPress security vulnerability after moving to a less-expensive shared hosting provider. This happened a few months … more …

Secure favicon to complement your site’s standard favicon

The favicon is a nifty little 16 pixel representation of your website, usually something recognizable, like your complete logo, or a portion of it. The unfortunate side of the favicon is that, in some browsers, it remains in its usual … more …

SQL safe query functions are smart, but not that smart

After you've been coding for a few months, one of the more important lessons you learn is how to avoid SQL-injection attacks. Generally, this is done with the help of a language-specific function, which strips/escapes/wraps characters appropriately. Using this ColdFusion … more …

Subdomain XMLHttpRequest – Origin is not allowed

If you've tried using AJAX via your browser's XMLHttpRequest object to access data from another domain, you are greeted with an error similar to XMLHttpRequest cannot load – Origin is not allowed by Access-Control-Allow-Origin. In a nutshell, this means the … more …