I recently learned that using
target="_blank" is also a security vulnerability. Using
rel=noopener is recommended. This will prevent the newly opened page from accessing your window object via
<a href="http://mylink.com" target="_blank" rel="noopener">My Link</a>
WordPress began implementing this when adding a hyperlink to text and selecting the “Open link in new window/tab” checkbox. It does not appear that
rel=noopener is supported by Edge at this time.
Here is some more info on
Here are a few examples demonstrating the security vulnerability and how the page that is linked to can manipulate the original page.
Just for fun – Steve Ballmer (known for his crazy stage antics) and his famous “DEVELOPERS! DEVELOPERS! DEVELOPERS!” speech. Great for when you need to get amped up and tear through your product backlog!
I thought it was kinda cool to see what exactly some of the common jQuery functions are actually doing behind the scenes with JS and CSS. Sometimes I like to keep things as simple as possible, especially for smaller adhoc apps. Once upon a time I had a small app that needed to make just one single POST request. Instead of including jQuery as a dependency in the project and written something like this:
I used some plain JS instead like this:
var request = new XMLHttpRequest();
request.open('POST', '/my/app/url', true);
request.setRequestHeader('Content-Type', 'application/x-www-form-urlencoded; charset=UTF-8');
Check out the GitHub repo as well for lots more examples.
I really like this quick and easy to understand explanation of HTTPS/SSL. I shared this with my company’s blog a few days ago as we are beginning to enforce HTTPS on our applications. I wanted everyone on my team to understand what HTTPS is, and why it is important that we begin using HTTPS on all the custom apps we develop for clients.
This is a good article about how the C# foreach statement works and a good explanation of the IEnumerable interface:
Essential .NET – Understanding C# foreach Internals and Custom Iterators with yield