Monthly Archives: March 2012

I wrote a JavaScript LAN scanner: http://sam.nipl.net/code/lan-scan/ It is not at all cutting-edge, just a friendly demo of Cross Site Request Forgery. The Firefox NoScript extension has a component called ABE, which can help.

How to stop CSRF exploits? What changes to the HTTP protocol spec, and to browser behaviour, would be required to prevent dangerous cases of cross-site request forgery? I am not looking for suggestions as to how to patch my own … Continue reading →

Dear Lazyweb, sanity check this for me? Many web pages load resources from other sites, such as images, scripts, etc.  This is useful, and fairly harmless.  However, all popular browsers send any cookies and http-auth headers along with those cross-site … Continue reading →

I made a simple web template system.  I will describe here, in case someone will like it. A template contains sample content, it doubles as a mockup.  Data can be bound to any HTML container with a new attribute, ‘v’.  … Continue reading →

My laptop runs Debian with an ext3 root filesystem. Every 27 boots or so it gets stuck doing an fsck for maybe 10 minutes… This can be inconvenient! So I wrote a little script which checks if an automatic fsck … Continue reading →