Secure Headers – a PHP library for easier management of browser security features

Modern browsers offer a variety of security mechanisms for web developers. Unfortunately, some of these aren’t so easy to manage. One needs a deep understanding of the functionality as well as the theory behind it. Secure Headers is a library that makes all that work a lot easier for PHP developers. Here are some of the features:

  • Add/remove and manage headers easily
  • Build a Content Security Policy, or combine multiple together
  • Content Security Policy analysis
  • Easy integration with arbitrary frameworks (take a look at the HttpAdapter)
  • Protect incorrectly set cookies
  • Strict mode
  • Safe mode prevents accidental long-term self-DOS when using HSTS, or HPKP
  • Receive warnings about missing, or misconfigured security headers

Real Favicon Generator

Real Favicon Generator is a handy tool for setting up your website’s favicon properly.  It takes care of both the images (formats, resolutions, etc) and the HTML that you’ll need to include.  With just a few clicks your website will work properly with browsers, operating systems, and mobile applications.

With so many platforms and icons, it’s hard to know exactly what you should do. What are the dimensions of favicon.ico? How many Touch icons do I need? RealFaviconGenerator did the research and testing for you.

If you still prefer to do it yourself and know all there is to generating proper favicon images and markup, have a look at this resource for everything there is to it and more.

Spellbook of Modern Web Dev

Spellbook of Modern Web Dev is a collection of 2,000+ carefully selected links to resources on anything web development related. It covers subjects from Internet history and basics of HTML, CSS, and JavaScript, all the way to tools, libraries and advanced usage of web technologies, and more; from network protocols and browser compatibility to development environments, containers, and ChatOps.

  • This document originated from a bunch of most commonly used links and learning resources I sent to every new web developer on our full-stack web development team.
  • For each problem domain and each technology, I try my best to pick only one or a few links that are most important, typical, common or popular and not outdated, based on the clear trends, public data and empirical observation.
  • Prefer fine-grained classifications and deep hierarchies over featureless descriptions and distractive comments.
  • Ideally, each line is a unique category. The “ / ” symbol between the links means they are replaceable. The “, ” symbol between the links means they are complementary.
  • I wish this document could be closer to a kind of knowledge graph or skill tree than a list or a collection.
  • It currently contains 2000+ links (projects, tools, plugins, services, articles, books, sites, etc.)

On one hand, this is one of the best single resources on the topic of web development that I’ve seen in a very long time.  On the other hand, it re-confirms my belief in “there is no such thing as a full-stack web developer”.  There’s just too many levels, and there’s too much depth to each level for a single individual to be an expert at.  But you get bonus points for trying.

Block unwanted advertisements with /etc/hosts file on Linux

Back in the old days, before the browsers even had extensions like Adblock Plus, many of us – tech-savvy web surfers – used to block unwanted advertising, SPAM sites, and other nonsense using the /etc/hosts file. The technique behind it is very simple – you override the IP address to which the unwanted website’s domain name resolves with a loopback IP address (127.0.0.1). Whether you do it on your own machine or at a home/office proxy server is irrelevant. And it worked magic!

Turns out, people still use this technique today.   I came across this article, which shows how to use a rather extensive list of domains for all sorts of online madness, collected and maintained by kind folks at http://winhelp2002.mvps.org/.

I tried it out of pure curiosity and sure enough it does what it says.  I’ve reverted back to Adblock Plus a couple of days later though, as random sites were breaking here and there.  I think this might be related to different adblock-detectors that many sites employ these days.  Also, some of the ads use things like embedded scripts or buttons, which might render JavaScript errors, preventing the rest of the page from loading.

But if you’ve never tried it, I strongly recommend giving it a go.
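An added example, not taken from the linked article or from the list's maintainers: a downloaded hosts list decides where names resolve on your machine, so this Python filter keeps only entries that point at a sink address before anything is merged into /etc/hosts. The function name, the sample data, and the choice to accept 0.0.0.0 alongside 127.0.0.1 are assumptions made for this example.

```python
import ipaddress
import re

# Assumption: a block entry may only point at one of these sink addresses.
SINKS = {"127.0.0.1", "0.0.0.0"}
# Names the system's own hosts file already defines; never taken from a list.
PROTECTED = {"localhost", "localhost.localdomain", "broadcasthost"}
LABEL = r"[a-z0-9_](?:[a-z0-9_-]{0,61}[a-z0-9_])?"
HOSTNAME = re.compile(rf"(?=.{{1,253}}$){LABEL}(?:\.{LABEL})+")


def sanitize_blocklist(text, sink="127.0.0.1"):
    """Return (hosts_lines, rejected) for a third-party hosts-format list.

    hosts_lines: sorted, de-duplicated "<sink> <name>" lines, safe to append.
    rejected:    (line_number, reason) pairs for entries that were refused.
    """
    names, rejected = set(), []
    for lineno, raw in enumerate(text.splitlines(), 1):
        fields = raw.split("#", 1)[0].split()      # drop comments, tokenize
        if not fields:
            continue
        addr = fields[0]
        hosts = [h.lower().rstrip(".") for h in fields[1:]]
        try:
            ipaddress.ip_address(addr)
        except ValueError:
            rejected.append((lineno, "first field is not an IP address"))
            continue
        hosts = [h for h in hosts if h not in PROTECTED]
        if not hosts:
            continue                               # only localhost-style names
        if addr not in SINKS:
            # A list entry like this would redirect the name, not block it.
            rejected.append((lineno, "maps a name to a non-sink address"))
            continue
        if any(not HOSTNAME.fullmatch(h) for h in hosts):
            rejected.append((lineno, "invalid hostname"))
            continue
        names.update(hosts)
    return [f"{sink} {name}" for name in sorted(names)], rejected


if __name__ == "__main__":
    # Constructed sample input, not taken from any real block list.
    sample = "127.0.0.1 localhost\n0.0.0.0 ads.example.com\n203.0.113.10 bank.example.org\n"
    lines, refused = sanitize_blocklist(sample)
    print("\n".join(lines))
    print(refused)
```

Review the rejected list before appending the accepted lines, and keep a backup of the original /etc/hosts so the change can be reverted when a site breaks.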

Headless Browsers

Headless Browsers is a list of (almost) all headless web browsers in existence.  These are browsers without graphical user interface, controlled programmatically, and useful for testing, automation, and other similar tasks.

I’ve used one or two. I’ve heard about three or four. I had no idea there was such a variety though.