Is it true that frontend validation is generally redundant for minimalist contact forms on minimalist environments?

Say I have a continuously upgraded and well-maintained LAMP environment with a website whose CMS is all-core and continuously upgraded as well and I have created a simple backend HTML contact form which is CMS-agnostic (not a module of…

How do I select a compliance solution for my business?

A recent survey revealed that, on average, organizations must comply with 13 different IT security and/or privacy regulations and spend $3.5 million annually on compliance activities, with compliance audits consuming 58 working days each quarter. As mo…

Tor Browser: Could a website or ISP detect modification to DOM done by users if Javascript is disabled?

I have Tor Browser (which is basically Firefox ESR) on "Safest" setting (Javascript disabled). We’re generally scolded about using extensions in it, as they can alter web traffic patterns to or from your browser, adding another f…

Is there any way for a Content-Security-Policy to block a CSS function, (specifically the url() function)?

I would like to block the execution of any instance of CSS’s url() function in CSS provided by my server. One promising method would be a CSP, but I’m not sure if this is possible using a CSP. Is it? And if not, what is the best way to acc…