Archive for the ‘Browsers’ Category

Target=”_blank” Vulnerability and How to Protect Your Sites

Browsers, How-Tos, HTML | Posted by Keefr May 1st, 2017

Markup / HTMLThis exploit is over a year old, but I just now came across it. Messing around with a security plugin for WordPress last week, there was a setting about combatting an exploit with target=”_blank” — something most developers use time and time again to open links to external sites in a new tab or window.

Turns out that hackers have found a way to exploit that as the target=”_blank” has partial access to the linking page via the window.opener object.

Luckily it’s real easy to combat, adding rel="noopener noreferrer" to each external link.

Source: JitBit – Target=”_blank” – the most underestimated vulnerability ever

Safari Technology Preview

Browsers, Chrome, Safari | Posted by Keefr May 21st, 2016

Safari Technology PreviewI’ve had the tab open since late March about Apple making nightly builds of Safari. I downloaded it soon after, but have yet to explore, nor find a reason to use Apple’s Safari Technology Preview.

Read the rest of this entry »

What Browser am I Using?

Browsers | Posted by Keefr January 7th, 2016

google-chromeI came across this sometime last year and started using it with both co-workers and clients. While we all know how to find out the browser, its version, etc., it’s often a difficult task to get that out of someone less technical.

Read the rest of this entry »

Throttling the Network in Chrome DevTools

Chrome | Posted by Keefr November 5th, 2015

Google ChromeNice article about utilizing Google’s Chrome browser’s developer tools to simulate slower connections.

The four-steps are laid out in the article linked below, and as well as simulating slower connections, it can also help visualize web fonts.

Throttling the Network in Chrome DevTools

Offline Web Sites?

Browsers, JavaScript, User Experience (UX) | Posted by Keefr October 15th, 2015

optimizationWhile I appreciate the sentiment and the exploration of this — especially as a type of one-pager landing page for serving up address/phone number type information, overall I don’t get it. Offline web sites? In this day and age of LTE and open Wi-Fi hotspots, this seems like over-engineering for a scenario unlikely to be accessed very often.

This is one of those cases where someone will get a lot of mileage out of this, but most sites won’t get much utility out of this — especially those content-heavy sites.

Again, I appreciate the sentiment and exploration, but don’t think I’ll be spending much time ensuring our fleet of web sites are Offline First. Plus, if you’re offline and need something, I don’t think any site we’ve developed, maintained, etc. are going to be your first (or even second or third) target.

Offline First