Category: Javascript

  • the state of Mixed Mode

    When a browser grabs a webpage over HTTPS, *nobody* (aside from revelations that governments can see our SSL traffic) can see what’s happening between your browser and the target webserver.  You are protected against the prying eyes of an evil network admin, proxy admin or even government. Modern websites often import JavaScripts files from multiple…

  • Rails, what’s wrong with serving static JS and CSS files?

    For a new web project, I’ve been looking at Rails 3.1, the latest update of the popular Ruby on Rails web application framework. Although I just started on it, and haven’t seen all the goodness, one thing that raised my eyebrows is how static content a la CSS and JavaScript is handled, through an asset…

  • JQlog: JQuery Keylogger, or why not to trust your proxy admin.

    Note that this post is for awareness and educational purposes only. I do not encourage, and cannot be held responsible for malicious actions using these tools. The Internet, as it is today, is a mash-up of JavaScript enabled services, often included from external websites. Internet companies offer so-called widgets, which are JavaScript tools that can…