joe codes

x-cart guru & custom programmer

Security at Github

August 17, 2016 by joecodes

Prompted by a tweet by CSS-Tricks about protecting the token, this is a brief post that showcases a handful of security techniques used at Github, from the article “Let’s look at some of the security at Github.”

This is a short article showing five things I find awesome with Github’s security. Best of all is that we could learn from Github and follow their lead.

  1. Dynamic CSP
  2. Hack for dangling markup
  3. Referrer
  4. Redirect FQDN
  5. No CSP for 304’s (Not Modified)

https://chloe.re/2016/08/15/lets-look-at-some-of-the-security-at-github/

Filed Under: Programming Tagged With: security

Quick Thoughts

  • I was surprised to learn that foreach in JavaScript does not have a traditional break. The loop will run to completion.

  • Who knew that combination sums across all permutation lengths of an array would be so difficult? It was a challenge but the final product looks good and takes a lot of resources. Limiting the max length for basic memory limits. Would only do something like this for occasional reporting.

  • Working on a new project that can have hundreds of forms on a page. The browser was spending way too much time in Parse HTML. Wasted a bunch of time before learning this is a long-standing bug in Chrome when there are many forms or inputs. Other browsers are fine.
