Microsoft Silverlight

Silverlight was a browser extension that was backed by Microsoft’s .NET product on many platforms, it provided media capabilities similar to Macromedia/Adobe Flash.  Similar to Flash, it has had it’s own share of security problems over the years.

Introduced in 2007 and currently in a deprecated state. Once supported on Windows XP (IE6) to Windows 10 (IE11), MacOS and Ubuntu. Now only supported in MSIE. Edge never provided support. Modern versions of Chrome, Firefox, Safari, and Opera no longer support.

HTML Markup example:

<object data="data:application/x-silverlight-2," type="application/x-silverlight-2" width="100%" height="100%">
<param name="source" value="MySilverLightControl.xap"/>
</object>

REFERENCES:

https://en.wikipedia.org/wiki/Microsoft_Silverlight

https://www.microsoft.com/Silverlight/

https://docs.microsoft.com/en-us/previous-versions/windows/silverlight/dotnet-windows-silverlight/mt788654(v=msdn.10)

Install Plex Media Server on Ubuntu

You can find the latest release listed here and either download the file to your server directly or use the path to update the wget in the commands listed below…
https://plexapp.zendesk.com/hc/en-us/articles/201181647-Plex-Media-Server-Linux-nix-

Pre-requisite, you need to have avahi installed first or the script will later prompt you to do so…
sudo apt-get install avahi-daemon

i386 install:
wget -c downloads.plexapp.com/plex-media-server/0.9.8.18.290-11b7fdd/plexmediaserver_0.9.8.18.290-11b7fdd_i386.deb
sudo dpkg -i plexmediaserver_0.9.8.18.290-11b7fdd_i386.deb

amd64 install:
wget -c downloads.plexapp.com/plex-media-server/0.9.8.18.290-11b7fdd/plexmediaserver_0.9.8.18.290-11b7fdd_amd64.deb
sudo dpkg -i plexmediaserver_0.9.8.18.290-11b7fdd_amd64.deb

Then a series of commands, they should all be relatively straight forward. As the installer creates and runs the software under a user named ‘plex’, I create the user folders and change the default password in these steps… do what you are comfortable with!

sudo apt-get -f install
sudo mkdir /home/plex
sudo mkdir /home/plex/Music
sudo mkdir /home/plex/Videos
cd /home/plex
sudo chown plex * -R
sudo chmod 777 * -R
sudo passwd plex

Now you should be able to access the app with your browser, change the IP if you are not on localhost.
http://{ip}:32400/manage/index.html

WARNING: An installation using these steps could leave your server open to the general public, you
will want to password protect your server to secure any sensitive content, I’ll leave that for a separate topic.

REFERENCES:

Content-Security-Policy HTTP Header

There’s yet another new means to ‘help’ client User-Agents with preventing XSS on your websites.

In it’s simplest form you can simply use the following HTTP Header(s), the second one is for earlier versions of Webkit (Chrome/Safari):

Content-Security-Policy: default-src 'self'
Webkit-CSP: default-src 'self'

You can also add to the above to permit assets to load from other sources.
For example, if you were to permit javascript files from example.com you could include:

Content-Security-Policy: default-src 'self'; script-src http://example.com

Additionally, while failures are noted in the client’s browser console (that most users are not aware of), you can have them sent back to your server by adding a ‘report-uri’ attribute with an appropriate handler:

Content-Security-Policy: default-src 'self'; report-uri http://example.com/csp-report.php

REFERENCES:

CSS media queries for landscape vs. portrait orientation

As mobile devices become more prevalent in the web development domain, it is often advisable to provide appropriate CSS for each layout.

Here’s a starting point for browsers that support.


<style type="text/css">
@media all and (orientation:portrait) {
/* css adjustments for portrait go here */
}
@media all and (orientation:landscape) {
/* css adjustments for landscape go here */
}
</style>