Tag: client

opensearchdescription.xml

OpenSearch is a relatively obscure topic that I’ve only crossed a few times, here is the premise.

A simple tag can be added to your content, in this case HTML, but a feed can also contain this element.

<link rel="search" href="http://www.giantgeek.com/opensearchdescription.xml" type="application/opensearchdescription+xml" title="giantgeek.com" />

That link refers to a file that resembles the one below, in it you can specify the URL to the search facilities on a website, or as in the case below, use the parameters for a Google search of your website.

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE OpenSearchDescription>
<OpenSearchDescription xmlns="http://a9.com/-/spec/opensearch/1.1/" xmlns:moz="http://www.mozilla.org/2006/browser/search/">
<ShortName>GiantGeek.com</ShortName>
<Description>Use Google to search our web site.</Description>
<InputEncoding>UTF-8</InputEncoding>
<Tags>giantgeek skotfred</Tags>
<Contact>[email protected]</Contact>
<Image width="16" height="16" type="image/x-icon">http://www.giantgeek.com/favicon.ico</Image>
<!-- NOTE: this uses Google, you can give your own search url instead -->
<Url type="text/html" method="GET" template="http://www.google.com/search?q=site:giantgeek.com {searchTerms}"/>
<Url type="application/opensearchdescription+xml" rel="self" template="http://www.giantgeek.com/opensearchdescription.xml"/>
</OpenSearchDescription>

Many modern browsers that provide a ‘search box’ in the browser interface, can then add the capability to perform a search of your website even when the user is not there already.

REFERENCES and Additional Reading:

Apple IOS 6 Smart App Banners

If you have made an investment in creating a device specific application in addition to a traditional web application, there is also a good chance that you want to drive your users (customers) to use the native application.

With the release of Apple IOS 6 in September 2012, this ability was made possible with the use of a simple HTML <meta> tag on your web page. You will need to replace the x’s with your app-id from the Apple Store.

<meta name="apple-itunes-app" content="app-id=xxxxxxxxxx" />

REFERENCES:

Install Opera Browser on Ubuntu

I was recently attempting to port some older Selenium tests to a new Linux machine and found that I did not have the Opera browser installed. Thus, I submit the following.

There are several ways to go about doing this, depending upon your skills.

1. Most simple IMHO…

  • Add the path to the application file, then install, updates will come as they are released.
    sudo vi /etc/apt/sources.list
  • Add the following line to the file.
    deb http://deb.opera.com/opera/ stable non-free
  • Update the software registry:
    sudo apt-get update
  • Install:
    sudo apt-get install opera

2. Another method, with the same results:

  • sudo sh -c ‘echo “deb http://deb.opera.com/opera/ stable non-free” >> /etc/apt/sources.list.d/opera.list’
  • sudo sh -c ‘wget -O – http://deb.opera.com/archive.key | apt-key add -’
  • sudo apt-get update
  • sudo apt-get install opera

3. Additionally, you can simply download the files from the Opera website and uncompress wherever desired on your drive.

REFERENCES:

/////

HTML5 – abbr replaces acronym

I recently found another element that is no longer supported for HTML5. The <abbr> element represents an abbreviation or acronym, the <acronym> tag was dropped in HTML5 and XHTML2.

REFERENCES:

Installing Tor Client on Ubuntu

The use of Tor software to hide your network activity occasionally comes up in the main stream news media as being only for illegal purposes such as drugs or pornography. There are however many instances where individuals or groups rely upon their activity being hidden from prying eyes. Examples are… Journalists, politicians and even common citizens that don’t want to have their personal information gathered and shared/sold.

Installing the client software is easy for most platforms. You can download and verify the signatures from the Tor website to be absolutely certain. If you trust the maintainers of the Ubuntu PPA’s or other compilations, you can also do so… (with appropriate precautions):

INSTALLATION:

sudo add-apt-repository ppa:webupd8team/tor-browser
sudo apt-get update
sudo apt-get install tor-browser

REFERENCES:

Add SonarQube Analysis to Eclipse

If you have already embraced Continuous Inspection with Sonar/SonarQube, you may find it advantageous to do analysis of new or modified code within the IDE without having to wait for a new build/compile/analyze cycle. Additionally, it’s often faster to keep all of your required information within the IDE without having to also open a web browser.

You can easily add this capability:

  1. Help > Install New Software… > Add… > then enter:
  2. http://dist.sonar-ide.codehaus.org/eclipse/
  3. Restart Eclipse
  4. RightClick on project – Configure > Associate with SonarQube > chose project

REFERENCES:

TV MAXE installation for Ubuntu

TV-MAXE is an application which provides the ability to watch TV stations and listen radio via different streams, like SopCast. Your ability to view certain streams may be limited by your current country, then again, you can always proxy through a country that will permit it.


sudo add-apt-repository ppa:venerix/pkg
sudo apt-get update
sudo apt-get install tv-maxe

REFERENCES:

Comcast Business Class gateway forwarding port 22 for SSH

For as long as I’ve had Comcast, and other providers for that matter, I’ve been able to configure my internet gateway/router to allow port 22 (SSH) access to an internal machine. It came as a surprise to me earlier this week that I was blocked when I tried to use their web admin console to change the internal forwarding to a newer machine. As usual, Technical Support was less that helpful and said that it was not possible to do so, and never should have been as Comcast uses that port to administer the gateway. To make matters more disturbing, I was told that I could not have similar SSH access to the gateway, and that replacing their hardware, while permitted, would prevent my use of a static IP.

Back to the solution, as I know that I had only setup this forwarding about a year ago, and it was working only minutes before I tried to change it, I knew that the configuration was possible if I could figure out how it was being blocked. The message in the web console was a javascript alert(); and gave me a starting point. I opened up Firefox and used Firebug to look for the message. Here are a few interesting findings from:

http://HOSTNAME/user/feat-firewall-port-forward-edit.asp

var RemoteManagementPortsCgiBase = “8080,8080,1\|8181,8181,1\|2323,2323,1\|22,22,1\|”;

msg += “Public Port Range conflict with Remote Management Ports.\n”;

if (msg.length > 1)
{
alert(msg);
return false;
}
return true;
}

If you even a little bit of javascript (or simple computer programming for that matter), the solution is clear…. if the ‘msg’ value is empty you will not see the alert or be prevented from making the change you desire.

Lesson to be learned by the Comcast developers (or most likely = subcontractors), always validate submitted form data in your application code, NEVER rely upon javascript alone to verify user entered data!

I also find it interesting that they are also preventing 8080, 8081 and 2323… perhaps that’s their other back doors in these gateways for their access. The same approach should work for those ports if you need it!

Content-Security-Policy HTTP Header

There’s yet another new means to ‘help’ client User-Agents with preventing XSS on your websites.

In it’s simplest form you can simply use the following HTTP Header(s), the second one is for earlier versions of Webkit (Chrome/Safari):

Content-Security-Policy: default-src 'self'
Webkit-CSP: default-src 'self'

You can also add to the above to permit assets to load from other sources.
For example, if you were to permit javascript files from example.com you could include:

Content-Security-Policy: default-src 'self'; script-src http://example.com

Additionally, while failures are noted in the client’s browser console (that most users are not aware of), you can have them sent back to your server by adding a ‘report-uri’ attribute with an appropriate handler:

Content-Security-Policy: default-src 'self'; report-uri http://example.com/csp-report.php

REFERENCES:

Cloudflare CDN (Content Delivery Network)

Best practices for web applications often call for the use of a CDN. Those of you that have worked with YSlow! are likely very accustomed to seeing warnings for this reason. I’ve found that CloudFlare is very easy to setup, and for basic services costs absolutely nothing. In addition to the obvious performance advantages of using a CDN to offload much of your network traffic, it also has the advantage of improved security.

CDN’s work by caching a copy of your static content at several locations around the world, making it closer and faster for your users.

Implementation takes only minutes as it requires that you:

  1. create a (free) account,
  2. retrieve your existing DNS values from your current provider,
  3. determine direct vs. CDN “cloud” routing for each subdomain,
  4. change your DNS records to point to the CloudFlare DNS servers

Some additional advantages I’ve seen since implementing:

  • Site remains available in limited capability to users during server outages or upgrades.
  • Simplified network configuration as all requests can be sent outside of the LAN for users local to the servers
  • IPv6 dual-stack support

REFERENCES: