How do I let users point to their own images, yet avoid Mixed Content warnings?

I allow users of my webapp to provide a URL for their own images. They can also provide CSS which may contain URLs to images.

If these URLs are HTTP then the browser does not show the padlock in the URL bar.

What is the best practice for… Continue reading How do I let users point to their own images, yet avoid Mixed Content warnings?

CSS Steals Your Web Data

Earlier this year, we posted a link to an interactive Web page. Most people seemed to like it, but we got at least one comment about how they would never be so incautious as to allow JavaScript to run on their computers. You can argue the relative merit of that statement, but it did remind us that just disabling JavaScript is no panacea when it comes to Internet security. You might wonder how you could steal data without scripting, assuming you don’t directly control the server or browser, of course. The answer is by using a cascading style sheet (CSS). …read more

Continue reading CSS Steals Your Web Data

Selective Compression on BIG-IP

BIG-IP provides Local Traffic Policies that simplify the way in which you can manage traffic associated with a virtual server. You can associate a BIG-IP local traffic policy to support selective compression for types of content that can benefit from compression, like HTML, XML, and CSS style sheets. These file types can realize performance improvements, […]

The post Selective Compression on BIG-IP appeared first on Security Boulevard.

Continue reading Selective Compression on BIG-IP