All posts

(720)
Website templates
Admin Dashboard Templates AdminLTE 2 adminlte-free-bootstrap-admin-template AdminLTE provides a range of responsive, reusable, and commonly used components. It features over 1000 icons, custom-made plugins, 6 different skins and plenty more. github BCORE BCORE Bootstrap 3 Admin And Dashboard Template BCORE is fully responsive admin template. It comes with 40+ integrated plugins for charts, data tables, maps, form element.. 2017.04.06
Development/Tips
html5sec Security Cheatsheet: What your browser does when you look away... Vectors making use of HTML5 features. XSS via formaction - requiring user interaction (1) #1 test A vector displaying the HTML5 form and formaction capabilities for form hijacking outside the actual form. X Don't allow users to submit markup containing "form" and "formaction" attributes or transform them to bogus attributes. Avoid "id" attrib.. 2017.04.01
Development/Algorithms
Screen recorder in JS canvasrecord.js canvasrecord.js (function() { let canvas = document.querySelector('canvas'); // Optional frames per second argument. let stream = canvas.captureStream(25); let recorder = new MediaRecorder(stream, options); let blobs = []; function download(blob) { var url = window.URL.createObjectURL(blob); var a = document.createElement('a'); a.style.display = 'none'; a.href = url; a.download =.. 2017.04.01
Development/Tips
RSpec basic authentication helper module for request and controller specs module AuthHelper def http_login user = 'username' pw = 'password' request.env['HTTP_AUTHORIZATION'] = ActionController::HttpAuthentication::Basic.encode_credentials(user,pw) endend module AuthRequestHelper # # pass the @env along with your request, eg: # # GET '/labels', {}, @env # def http_login @env ||= {} user = 'username' pw = 'password' @env['HTTP_AUTHORIZATION'] = ActionController::HttpAu.. 2017.04.01
Development/php
XSS test code onmouseover="alert(document.cookie);" add to test DB xss_clean("a") (without spaces). It added and destroy some data. Is it bug 2017.04.01
Development/php
php XSS filter PHP filter class to prevent cross-site-scripting (XSS) vulnerabilities. Removes dangerous tags and protocols from HTML. The main difference between this class and strip_tags() or filter_var() is that you can preserve certain tags AND sanitize their attributes. Port of Drupal's XSS filter $filter = new Filter(); $allowed_protocols = array('http', 'ftp', 'mailto');$allowed_tags = array('a', 'i', '.. 2017.04.01