Copyright 1998-2012 Tweakers.net Tue, 07 Feb 2012 09:15:25 GMT Tue, 07 Feb 2012 09:15:25 GMT http://tweakers.net/reviews/76 Tweakblogs.net is the weblog service provided by Tweakers.net, the largest hardwaresite and techcommunity in the Netherlands. http://tweakblogs.net/ http://tweakimg.net/g/if/logo.gif 60 60 Tweakblogs.net en http://crisp.tweakblogs.net/blog/cat/179 frontpage@tweakers.net http://crisp.tweakblogs.net/blog/3928/csrf-protection-with-self-validating-tokens.html Cross-site Request Forgery is a very common social exploit method to make people unknowingly do things on their own behalf on a targeted website. It's the number four on the 2010 CWE/SANS Top 25 Most Dangerous Programming Errors list. The main reason this problem exists in most websites is the fact that they don't check the origin of an incoming request that results in an action on that website. There are several ways a website can protect itself against these sort of attacks and I'm going to explain the way we, at Tweakers.net, have implemented our own protection method. Read more »crisp 6 http://crisp.tweakblogs.net/blog/3928/csrf-protection-with-self-validating-tokens.html#reacties http://crisp.tweakblogs.net/blog/3928 Fri, 16 Apr 2010 23:10:00 GMT http://crisp.tweakblogs.net/blog/3049/ipv6-validation-more-caveats.html Last week I was taking a nice hot bath while reading the Regular Expression Cookbook by Jan Goyvaerts and Steven Levithan. Really, there is no better way of relaxing But then chapter 7.17 made me jump out of the tub, rush to my computer, and - while still wet - start typing the regular expression printed on page 387. The chapter was called 'Matching IPv6 Addresses'. Read more »crisp 1 http://crisp.tweakblogs.net/blog/3049/ipv6-validation-more-caveats.html#reacties http://crisp.tweakblogs.net/blog/3049 Sun, 08 Nov 2009 23:12:00 GMT http://crisp.tweakblogs.net/blog/2031/ipv6-validation-(and-caveats).html Recently we got a request to also match IPv6 addresses as a host-part for our auto-links. Basically this seemed pretty straight-forward, but it proved that actually validating an IPv6 address is quite difficult. Read more »crisp 6 http://crisp.tweakblogs.net/blog/2031/ipv6-validation-(and-caveats).html#reacties http://crisp.tweakblogs.net/blog/2031 Thu, 11 Jun 2009 23:23:00 GMT http://crisp.tweakblogs.net/blog/1665/a-new-javascript-minifier-jsmin+.html For some time we have been looking for ways to minify the javascript and CSS files for Tweakers.net but were unable to find the right tool for this. If finding the right tool takes too much time there is only one other option: create your own tool, which is exactly what we did. Even better: we are releasing this tool to the public so you can use it too! Read more »crisp 6 http://crisp.tweakblogs.net/blog/1665/a-new-javascript-minifier-jsmin+.html#reacties http://crisp.tweakblogs.net/blog/1665 Thu, 09 Apr 2009 23:37:00 GMT http://crisp.tweakblogs.net/blog/317/formatting-a-multi-level-menu-using-only-one-query.html In the programming forum (dutch) on Gathering of Tweakers I often see people struggeling with multi-level menu's stored in a database and the formatting of such menu in HTML. This is actually quite a common programming problem that can be solved using some kind of recursion or stack-based processing in order to create a tree out of a flat datastructure containing parent-child relations. However, in most cases the final solution that is presented involves seperate queries being executed inside a loop or inside a function that is called recursively which retrieves the child-elements for a specific parent. In situations where the menu has many items and/or has many levels this could easily result in dozens of queries being executed only to generate something simple as a treelike-output. I would like to show you how this can be done using only a single query. Read more »crisp 1 http://crisp.tweakblogs.net/blog/317/formatting-a-multi-level-menu-using-only-one-query.html#reacties http://crisp.tweakblogs.net/blog/317 Sun, 23 Dec 2007 22:46:00 GMT http://crisp.tweakblogs.net/blog/307/is-100000-times-match()-enough-for-you.html PHP 5.2 now comes with 2 new .ini directives: code:1 2 3 [Pcre] ;pcre.recursion_limit=100000 ;pcre.backtrack_limit=100000 Although default disabled PHP will still force these defaults onto PCRE which will cause failure on common regular expressions fed on content that has more than 100.000 bytes. Actually these settings map to PCRE's MATCH_LIMIT and MATCH_LIMIT_RECURSION directives, none of which...crisp 1 http://crisp.tweakblogs.net/blog/307/is-100000-times-match()-enough-for-you.html#reacties http://crisp.tweakblogs.net/blog/307 Sun, 18 Mar 2007 01:49:00 GMT