Category: Javascript

  • the state of Mixed Mode

    When a browser grabs a webpage over HTTPS, *nobody* (aside from revelations that governments can see our SSL traffic) can see what’s happening between your browser and the target webserver. ¬†You are protected against the prying eyes of an evil network admin, proxy admin or even government. Modern websites often import JavaScripts files from multiple…

  • Rails, what’s wrong with serving static JS and CSS files?

    For a new web project, I’ve been looking at Rails 3.1, the latest update of the popular Ruby on Rails web application framework. Although I just started on it, and haven’t seen all the goodness, one thing that raised my eyebrows is how static content a la CSS and JavaScript is handled, through an asset…

  • JQlog: JQuery Keylogger, or why not to trust your proxy admin.

    Note that this post is for awareness and educational purposes only. I do not encourage, and cannot be held responsible for malicious actions using these tools. The Internet, as it is today, is a mash-up of JavaScript enabled services, often included from external websites. Internet companies offer so-called widgets, which are JavaScript tools that can…