Like in Java, securing/renaming the PHP Session ID is simply a configuration item, generally this value is set as a cookie, but occasionally gets used in cases of URL Rewriting.
On Ubuntu your settings can be changed as follows, Windows will use the same settings in the appropriate file:
sudo vi /etc/php5/apache2/php.ini
session.name = "PHPSESSID"
session.cookie_httponly = 1
REFERENCES
Older versions of Apache Tomcat, as well as the older servlet specifications required that several configuration values need to be set. With servlet 3, you can now modify the name of the session cookie (as well as the ‘rewriting’ attribute name) in the web.xml file
In web.xml: (servlet 3.x)
<session-config>
<session-timeout>30</session-timeout>
<cookie-config>
<name>mysessionid</name><!-- default is jsessionid -->
<http-only>true</http-only>
<!-- secure>true</secure-->
</cookie-config>
<tracking-mode>COOKIE</tracking-mode>
</session-config>
Alternately for Tomcat7, modify TOMCAT_HOME\conf\context.xml:
<Context path="/exampleApp" sessionCookieName="myid">
If you are using spring security, then you should try setting
disable-url-rewritingattribute of<http>element to true.
REFERENCES:
If you have made an investment in creating a device specific application in addition to a traditional web application, there is also a good chance that you want to drive your users (customers) to use the native application.
With the release of Apple IOS 6 in September 2012, this ability was made possible with the use of a simple HTML <meta> tag on your web page. You will need to replace the x’s with your app-id from the Apple Store.
<meta name="apple-itunes-app" content="app-id=xxxxxxxxxx" />
REFERENCES:
Migrating between various javascript frameworks can often prove difficult, especially when developers become comfortable with the specific features of one library. Here is a feature that I’ve seen used in PrototypeJS that does not exist in jQuery, but can easily be added with a new function.
PrototypeJS provides an identify(el);function … Element.identify(el);. This is powerful in the sense that it returns the ‘id’ of an element, or automatically generates and assigns one when it is empty.
For jQuery the following can be added to emulate the functionality.
jQuery.fn.identify = function(prefix) {
var i = 0;
return this.each(function() {
if($(this).attr('id')) return;
do {
i++;
var id = prefix + '_' + i;
} while(document.getElementById(id) != null);
$(this).attr('id', id);
});
};
(function($) {// Compliant with jquery.noConflict()
$('span').identify('test');
})(jQuery);
This is a fairily standard interview question for someone that claims to understand CSS, but you’d be amazed at the number of developers that just don’t get it.
Assuming
<style type=”text/css”>
div#error { color:red; }
div.error { color:red; }
</style>
<div id=”error”>This is error text shown in red.</div>
<div class=”error”>This is also error text</div>
Notice that an ID’s CSS is an HTML element, followed by a “#”, and finally ID’s name – “element#idname”.
Also, be sure to absorb the fact that when an id is used in HTML we must use ‘id=”name”‘ instead of ‘class=”name”‘ to reference it!
A simple way to remember this is to refer back to how you think of page anchors. Those URL’s must also be unique and use the “#”.
Why Did They Choose Those Names??
NOTE: You can also use inline styling (with no id or class), or style the HTML elements themselves, but those will be covered in a later posts.