I guess some request headers are more trustworthy than others.

There's a subset of request headers that can't be modified by a spec-compliant user agent. Let's explore why they're useful for determining how and for what purpose a request was triggered.

Alex MacArthur

#Development #Techniques
Modern solutions against cross-site attacks · “If you want to improve security you have to move.” https://ilo.im/1613tf

_____
#Security #Vulnerability #XsLeak #HttpHeaders #COOP #CORP #WebAPIs #XMLHttpRequest #Browser #Frontend

Modern solutions against cross-site attacks


Frederik Braun
The journey to move my #blog back to #GitHub is going excellently. I developed a tiny blog management system.
Thank you, #XMLHttpRequest. What a beautifully deprecated feature!

SolriXML: Rays of light in the dark forest of XML data

In this article I'll describe how SolriXML automates the processing of XML files, transforming complex data structures into easy-to-use formats. When it comes to huge volumes of data in XML, processing efficiency becomes a key factor for success in the world of e-commerce. Remember, efficient data processing is the key to success in the modern world of e-commerce. SolriXML is here to make this process as simple and efficient as possible for you! Try SolriXML for free

https://habr.com/ru/articles/841486/

#python #webразработка #webпрограммирование #маркетплейс #tfidfvectorizer #xmlhttprequest #xml #xml_schema #xml_web_services #xml_parser

SolriXML: Rays of light in the dark forest of XML data

In the era of big data, working with huge XML files often becomes a real ordeal for developers and analysts. Imagine a gigantic XML file containing thousands or even...

Habr
#SOAP Messages m are nothing but POST requests r + contentType = app/xml, a SOAPAction header + a request body that complies w m format. These 3 r cannot be changed w #JavaScript unless we deal with #XMLHttpRequest object o
we need to comply w Same Origin Policies (SOP) to use O
AJAX Application Update - https://paul.kinlan.me/ajax-application-update/
hit of the added bandwidth for the data that will be returned from #Yahoo and #Technorati.
I don't think I can perform a Redirect on the #XMLHttpRequest, as that will probably cause many more problems.
AJAX Application Update - Modern Web Development with Chrome by Paul Kinlan


@natecull @popefucker @mala @Shamar @rain

The #attack I proposed does not use #XmlHTTPRequest.

If you can programmatically modify the #DOM and trigger a #DOMEvent, you can send any #HTTP request you want anywhere.

Disabling JavaScript BY DEFAULT does not turn off the #Web. That's what a lot of people say, but did you try?
You didn't.

Most of it works fine.
Even #StackOverflow, #Medium, #GitHub and #GMail (!!!) work like a charm.

1/

Wonder what the cost is of making new http connections versus holding one open.

https://blog.lighttpd.net/articles/2006/11/27/comet-meets-mod_mailbox/

Incidentally I have essentially already done this.. Okay, I have done everything.. not 100% true, I _did_ use the #XMLhttpRequest callback to use results as they came in (with JSON list but with "\n,\n" specifying portions of data), but I did not leave connections open or do this two-way.

While at it, some binary version of #json more efficient too..

(via https://blog.lighttpd.net/articles/2006/11/27/comet-meets-mod_mailbox/)