-
The "Hardware" column has become ambiguous with the adoption of U2F alongside hardware OTP solutions.
I suggest separating or expanding this column to track websites that support U2F specifically (no…
qJake updated
8 years ago
-
In some cases, https://url.spec.whatwg.org/#origin says to "return a new globally unique identifier". The "new" part seems to indicate that a different identifier should be returned every time the ori…
-
```
What steps will reproduce the problem?
1. Call open("wss.example.com:9797").
2. The generated client handshake contains: Sec-WebSocket-Origin:
http://example.com.
What is the expected output? W…
-
```
What steps will reproduce the problem?
1. Call open("wss.example.com:9797").
2. The generated client handshake contains: Sec-WebSocket-Origin:
http://example.com.
What is the expected output? W…
-
HPKP is draft for security 'certificate pinning' through a new HTTP header. This protection reduces the likelihood of successful MITM attacks against TLS through rogue or compromised CAs.
ht…
-
http://websec.ca/kb/sql_injection
-
```
What steps will reproduce the problem?
1. Call open("wss.example.com:9797").
2. The generated client handshake contains: Sec-WebSocket-Origin:
http://example.com.
What is the expected output? W…
-
```
What steps will reproduce the problem?
1. Call open("wss.example.com:9797").
2. The generated client handshake contains: Sec-WebSocket-Origin:
http://example.com.
What is the expected output? W…
-
```
What steps will reproduce the problem?
1. Call open("wss.example.com:9797").
2. The generated client handshake contains: Sec-WebSocket-Origin:
http://example.com.
What is the expected output? W…
-
An RSS archive will allow for people to view the content of the newsletters, without the need of having an email address.