Jump to content

360 Extreme Explorer Modified Version

Humming Owl
 Share

Recommended Posts


D.Draker

D.Draker

Posted
Posted
10 hours ago, NotHereToPlayGames said:

Can you share the URL for your gym?  I'd like to test a few things and hopefully do not need a "membership" to test.

1st - It's in French only.

2nd - Yeah, you would need to login and make an attempt to redistribute "points". (discounts in Euro).

Discounts applied only upon making a payment, so you would need my debit card number.

But thanks for the worries.

Link to comment
Share on other sites
msfntor

msfntor

Posted
Posted (edited)
On 11/13/2022 at 12:57 PM, we3fan said:

Add  ||https://st.deviantart.net/eclipse/browser-support.min.js?20220218  in uBlock > My filters, removes nag message on deviantart.com .

But I don't have this "bad browser" pop-up on deviantart.com, if uBlock working... anyway, Thank You!

Edited by msfntor
1
Link to comment
Share on other sites
msfntor

msfntor

Posted
Posted (edited)

Links on this website: https://www.popularmechanics.com/ - are close to each other, if I click on button of my new Chrome extension: Minimal Reading Modehttps://chrome.google.com/webstore/detail/minimal-reading-mode/peoapnglceoafojobbkpohnojniabmkd?hl=en-US 

Version1.7.3 Updated February 6, 2022 - Size19.49 KiB so nothing... by xaviesteve - Xavi Esteve.

Example: "Space" link to try: https://www.popularmechanics.com/space/

Edited by msfntor
Link to comment
Share on other sites
hidao

hidao

Posted
Posted
On 11/15/2022 at 10:08 PM, AstroSkipper said:

AdBlockPlus and uBlock in combination is not really a good idea. Hopefully, you mean using or having used them separately. :dubbio:

You know , I'm Chinese, my English was very very bad, I mean that I only used one at the same time ...

 

Link to comment
Share on other sites
msfntor

msfntor

Posted
Posted
On 11/19/2022 at 12:42 AM, D.Draker said:

csp.withgoogle.com

Content Security Policy

-Introduction

- Why CSP

- Strict CSP

- Adopting CSP

- FAQ

- Resources

Introduction

Content Security Policy is a mechanism designed to make applications more secure against common web vulnerabilities, particularlycross-site scripting. It is enabled by setting the Content-Security-Policy HTTP response header.

The core functionality of CSP can be divided into three areas:

Requiring that all scripts are safe and trusted by the application owner (ideally by making sure they match an unpredictable identifier specified in the policy called the CSP nonce),

Ensuring that page resources, such as images, stylesheets, or frames, are loaded from trusted sources,

Miscellaneous other security features: preventing the application from being framed by untrusted domains, transparently upgrading all resource requests to HTTPS, and others.

By adopting a strict policy, which prevents the loading of untrusted scripts or plugins, an application can add an important defense-in-depth layer against markup injection attacks. This documentation focuses on the XSS mitigation aspect of CSP because XSS is one of the most common and dangerous web vulnerabilities.

An application can define a policy by setting the following header:

Content-Security-Policy: default-src https:; script-src 'nonce-{random}'; object-src 'none'

This policy will require all resources to be loaded over HTTPS, allow only <script> elements with the correct nonce attribute, and prevent loading any plugins.

Note: Real policies are a bit more complicated for compatibility and security reasons; see this example.

CSP support is available in several popular template systems and frameworks (for example, Closure Templates can automatically add CSP nonces). Several helper tools can assist you in building a secure policy, identifying any necessary markup changes, and monitoring the effects of the policy after deployment.

What should I do now? ...

MORE: https://csp.withgoogle.com/docs/index.html

 

- so safe link

1
Link to comment
Share on other sites
msfntor

msfntor

Posted
Posted
20 hours ago, msfntor said:

The core functionality of CSP can be divided into three areas:

Requiring that all scripts are safe and trusted by the application owner (ideally by making sure they match an unpredictable identifier specified in the policy called the CSP nonce),

Ensuring that page resources, such as images, stylesheets, or frames, are loaded from trusted sources,

Miscellaneous other security features: preventing the application from being framed by untrusted domains, transparently upgrading all resource requests to HTTPS, and others.

- so this is about website security.

"Content Security Policy is an effective measure to protect your site from XSS attacks. By whitelisting sources of approved content, you can prevent the browser from loading malicious assets."

Here for msfn.org: https://securityheaders.com/?q=msfn.org&followRedirects=on  - uh NOTHING good for our website...F - so all is missing..

"Ouch, you should work on your security posture immediately:" - I've already posted this in the ancient times... a long time ago, I think....

SECURITY Headers - Analyse your HTTP Response Headers: Home page: https://securityheaders.com/

- and article to read and apply: Referer and Referrer-Policy best practiceshttps://web.dev/referrer-best-practices/

1
Link to comment
Share on other sites
XPerceniol

XPerceniol

Posted
Posted
4 hours ago, msfntor said:

Here for msfn.org: https://securityheaders.com/?q=msfn.org&followRedirects=on  - uh NOTHING good for our website...F - so all is missing..

"Ouch, you should work on your security posture immediately:" - I've already posted this in the ancient times... a long time ago, I think....

Just got the same on that test with DC Browser and 360 Chrome.

Link to comment
Share on other sites
XPerceniol

XPerceniol

Posted
Posted (edited)

untitled.thumb.JPG.7c1fd474bfe8b9cc9f35f42ffe9b64c1.JPG

I have to put in email to start working on it and I don't want to ...?

  

1 minute ago, msfntor said:

Yes, because this test concern MSFN website, not browsers... MSFN is "F", very bad.


...Ugh!

Edited by XPerceniol
Link to comment
Share on other sites
msfntor

msfntor

Posted
Posted (edited)
10 minutes ago, XPerceniol said:

I have to put in email to start working on it and I don't want to ...?

I don't understand any of this...Could you explain this problem to me, please?

Edited by msfntor
Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...