Collaborate Disseminate
A recent survey revealed that, on average, organizations must comply with 13 different IT security and/or privacy regulations and spend $3.5 million annually on compliance activities, with compliance audits consuming 58 working days each quarter. As mo… Continue reading How do I select a compliance solution for my business?
I’ve been looking at some Web tools as I had some suspicions.
The css looks as though it does not come from Youtube. I’ve seen code from github and other sources.
A large portion is commented out and has javascript in between the breaks. I… Continue reading Is my browser been exploited via CSS? [closed]
<table>
<tr>
<div>USER ID</div>
</tr>
<tr>
<td>
<div>
<input autocomplete="off" onfocus… Continue reading How can I get browser to save password and user Id of following table?
I have Tor Browser (which is basically Firefox ESR) on "Safest" setting (Javascript disabled). We’re generally scolded about using extensions in it, as they can alter web traffic patterns to or from your browser, adding another f… Continue reading Tor Browser: Could a website or ISP detect modification to DOM done by users if Javascript is disabled?
I would like to block the execution of any instance of CSS’s url() function in CSS provided by my server. One promising method would be a CSP, but I’m not sure if this is possible using a CSP. Is it? And if not, what is the best way to acc… Continue reading Is there any way for a Content-Security-Policy to block a CSS function, (specifically the url() function)?
I have paid membership to some program. But they are not allowing to watch all videos at once. They allow us to watch 1 video per week. To watch 60 videos, i have to wait for 60 weeks. So i need help to access that content which is blocked… Continue reading Accessing Video on a Page [closed]
I have a website built with MediaWiki CMS.
This website contains a ContactPage contact form in which the subject field is hardcoded to the form wrapper via PHP;
This is odd, because all other fields aren’t hardcoded like thi… Continue reading Is there an advantage in removing an element both from CSS and JS?
I used SonarQube to perform a static code analysis of my project and it detected a security vulnerability in one of my CSS files:
For security reasons, protocol-relative URLs should not be used.
Noncompliant Code Exa… Continue reading What’s the security risk of using a protocol-relative URL in a CSS stylesheet?
Is it possible to extract CSRF-token by using inline-CSS injection (inside style attribute)? (It seems to be impossible, because it is not possible to define CSS classes inside attributes.)
<p style=<?php echo htmlsp… Continue reading CSS injection: Extract CSRF-token by using inline-css injection
In its default settings, uMatrix content blocker allows CSS and images (JPG, PNG, etc) from all sources, unless denied by a site-specific block list. It also allows 1st party cookies, scripts, and multimedia.
How much can a … Continue reading What can a 3rd party learn about a user through only CSS and images?