The Wiert Corner – irregular stream of stuff

Jeroen W. Pluimers on .NET, C#, Delphi, databases, and personal interests

  • My work

  • My badges

  • Twitter Updates

  • My Flickr Stream

    20140508-Delphi-2007--Project-Options--Cannot-Edit-Application-Title-HelpFile-Icon-Theming

    20140430-Fiddler-Filter-Actions-Button-Run-Filterset-now

    20140424-Windows-7-free-disk-space

    More Photos
  • Pages

  • All categories

  • Enter your email address to subscribe to this blog and receive notifications of new posts by email.

    Join 1,487 other followers

Archive for the ‘Web Development’ Category

Watch changes on html pages that do not have RSS

Posted by jpluimers on 2015/06/15

A few tools that help you watch changes in html pages, even these pages do not have RSS: they make a feed out of a page.

–jeroen

Posted in Development, HTML, Power User, Software Development, Web Development | Leave a Comment »

Pastebin, but for HTML? – Stack Overflow

Posted by jpluimers on 2015/05/26

Nice question (thanks aplm!), as for instance Gist does not render html:

Pastebin is a useful online tool to paste snippets of text. Pastie is a similar tool. Also, Ideone is similar except that it also runs the source code, as well as being a general pastebin.

Is there a similar tool, for HTML?

And ditto links in the answer (thanks meder!):

Unbelievable that such questions get closed as “not constructive”.

Note I could not get http://www.pastekit.com to work.

–jeroen

via: javascript – Pastebin, but for HTML? – Stack Overflow.

Posted in Development, HTML, HTML5, Software Development, Web Development | Leave a Comment »

The Clickjacking attack, X-Frame-Options

Posted by jpluimers on 2015/04/29

Front-end web development isn’t my core area of expertise, but every now and then I am slightly more than the usual spectator and do get involved.

This case it was about helping to prevent The Clickjacking attack by using the The X-Frame-Options response header from RFC 7034.

Lots of people seem to have questions about it: Highest Voted ‘x-frame-options’ Questions – Stack Overflow.

So, from The X-Frame-Options response header:

There are three possible values for X-Frame-Options:

DENY
The page cannot be displayed in a frame, regardless of the site attempting to do so.
SAMEORIGIN
The page can only be displayed in a frame on the same origin as the page itself.
ALLOW-FROM uri
The page can only be displayed in a frame on the specified origin.

–jeroen

via:

Posted in Development, Software Development, Web Development | Leave a Comment »

Batch file that finds and starts Cntlm.exe in verbose mode.

Posted by jpluimers on 2015/04/13

As a follow up on the Cntlm configuration post last week, here is a small batch file that will find Cntlm.exe (on x86 and x64 systems) then start it in verbose mode.

–jeroen

Posted in Cntlm, Development, Fiddler, NTLM, Power User, Web Development, Windows, Windows 7, Windows 8, Windows 8.1, Windows Server 2003, Windows Server 2003 R2, Windows Server 2008, Windows Server 2008 R2, Windows Vista, Windows XP, Windows-Http-Proxy | Leave a Comment »

How to fill proxy information in cntlm config file (via: Stack Overflow)

Posted by jpluimers on 2015/04/10

This is an elaboration of How to fill proxy information in cntlm config file – Stack Overflow.

When digging around how to get authentication stuff going, I want as much information, so this was the command-line I used:

cntlm.exe -v -c cntlm.ini -I -M http://www.bbc.co.uk

The -v is important: it shows you why things fail, and where: It also shows you the NTLM headers sent back/forth over the wire.

These are the switches used:

  • -v verbose
  • -c configuration file
  • -I interactive (prompt for password)
  • -M magically detect the NTLM level used by the proxy

Since it is unsafe to store plain text passwords in configuration files, cntlm allows you to store the hashes.

Storing hashes not passwords locally is safer, but not much safer. See for instance Still Passing the Hash 15 Years Later: Guest Post: Let’s talk about Pass-the-Hash by Scriptjunkie the video How to own a Windows Domain or search for Mark Russinovich video windows hash ntlm hack.

Anyway: you can generate the password hashes using either     Read the rest of this entry »

Posted in Development, DVCS - Distributed Version Control, Fiddler, git, HTTP, Internet protocol suite, Mercurial/Hg, NTLM, Power User, Software Development, Source Code Management, TCP, Web Development, Windows, Windows 7, Windows 8, Windows 8.1, Windows Server 2008, Windows Server 2008 R2, Windows Vista | Leave a Comment »

 
Follow

Get every new post delivered to your Inbox.

Join 1,487 other followers

%d bloggers like this: