Is the IP address of the client present in the email headers for webmail services and for desktop clients?

When I receive an email sent by someone using a webmail service (e.g. Gmail, etc.), I can find the IP address of the sender’s email server in the email headers.
But do the email headers also contain the IP address of the desktop (client) c… Continue reading Is the IP address of the client present in the email headers for webmail services and for desktop clients?

Do object-src and base-uri bypasses still work on Content-Security-Policies?

I’m assessing the security level of a webapp and one of the test cases is the CSP header. I always use the Google CSP evaluator to assess the header. Let’s consider the following CSP header:
Content-Security-Policy:
img-src ‘self’ https://… Continue reading Do object-src and base-uri bypasses still work on Content-Security-Policies?

How could a software reliably tell if an URL makes me download a file and what its filename and mimetype are? (without downloading the file) [migrated]

In order to write an application for myself that prevents me from visiting websites that let me download files of a certain type, I am trying to find a way to reliably tell if an URL lets me download a file and if so then tell me the filen… Continue reading How could a software reliably tell if an URL makes me download a file and what its filename and mimetype are? (without downloading the file) [migrated]

Bright White Night Light Fights E-Waste

E-waste is a gigantic problem, and it can seem impossible as a lone individual to make any kind of dent in it. But [akshar1101] is trying to do their part by looking past the defective aspects of broken, discarded electronics to draw out the possibilities of what’s left.

This friendly …read more

Continue reading Bright White Night Light Fights E-Waste