Tag: browsers

A Look Back at the History of CSS

Screenshot of Apple.com website

A Look Back at the History of CSS” is a nice trip down the history lane as to where and how CSS came about.  It’s hard to imagine these days that CSS wasn’t always around and the web looked like whatever your browser decided to make it look like.

Clockwork – PHP developer tools integration for Google Chrome

Clockwork is a PHP library and a Google Chrome extension that work together to provide a new tab in the Google Chrome DevTools for PHP developers.  The tab contains all sorts of useful information such as variable values, application tracing, timing, and more.

Google Chrome color profile

My good friend and colleague Michael Stepanov has been recently annoyed by some weird color offsets on his external screen in Fedora 26.  Turns out, it wasn’t the external monitor, video card, or cable issue.  The problem was with the new Google Chrome and its choice of the color profile.  The solution was found in this Reddit thread:

  • Open new tab and type there chrome://flags
  • Find option “Force color profile” and set it to “sRGB”
  • Restart Chrome and enjoy blue as blue 🙂

BeEF – Browser Exploitation Framework

BeEF is a browser exploitation framework.

BeEF is short for The Browser Exploitation Framework. It is a penetration testing tool that focuses on the web browser.

Amid growing concerns about web-borne attacks against clients, including mobile clients, BeEF allows the professional penetration tester to assess the actual security posture of a target environment by using client-side attack vectors. Unlike other security frameworks, BeEF looks past the hardened network perimeter and client system, and examines exploitability within the context of the one open door: the web browser. BeEF will hook one or more web browsers and use them as beachheads for launching directed command modules and further attacks against the system from within the browser context.

The end of CSRF?

The end of CSRF?” blog post talks about the new feature coming to browsers – SameSite cookie enforcement, which will help in getting rid of Cross-Site Request Forgery (CSRF) attacks.  Too bad this is currently only supported by Google Chrome (both desktop and mobile), and Opera.  But I’m sure it’s coming soon to the rest of the browsers.

Update:  It looks like the above blog post is almost a copy of this blog post, which has a number of useful comments.  Including this one, which links to a variety of projects and programming languages bug trackers requesting the support of the SameSite cookie feature.  Also, it looks like SameSite cookie is superseded by the Cookie Prefix solution, proposed by Google.