rand(Ø)

> beautiful code & photos

about <

Posts tagged: browser

CSP Header Hacking for Apache2

Hello,

I write here to report my latest dirty hack. Story—

While enforcing our HTTP server configuration at work, we are slowly implementing CSP policies and one of them allow Web browsers to report violations to a given endpoint.

At this moment, we are only at the reporting step of the implementation because the first time we attempted to roll this header out, it ended up breaking our staging env.

So, it's recommended to set the Content-Security-Policy-Report-Only header.

This header takes the report-uri directive which allows the browser to push the violation findings to a given endpoint.

For this example:

> Continue Reading

Chrome: how to fix a gone basic auth dialog

Last night, I tried to display a basic auth protected page but without any success because I didn't know the credentials. Obviously, I got a 401 Error.

Today, I was back to that page with the credentials but Google Chrome wouldn't display the basic auth dialog anymore. How annoying to have directly the HTTP 401 Error page right away!

I found the fix from this page and I'm sharing it here so it will be faster for me to get to the fix as it might be for you as well.

Anyway, from the command line (I'm a OSX user)

> Continue Reading