
Sunday, September 22, 2019

Phishing vulnerability when using target="_blank"; also a performance downgrade

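A page opened through target="_blank" or window.open keeps a window.opener reference back to the parent (source) site. The opened page can use that reference to navigate the original tab to a different URL, which opens the possibility of a phishing attack.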

Therefore, in HTML we should add to the link: rel="noopener noreferrer"

and in JavaScript:
const newWindow = window.open('https://gosink.in');
newWindow.opener = null;

For details: here

Source: here
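
To find links that still need this fix, the following added example (not from the original post) scans an HTML string for a, area and form start tags with target="_blank" and reports which of the recommended rel tokens are missing. The function names and the sample markup are assumptions made for illustration; it runs under Node.js.

```javascript
// Added example: audit markup for target="_blank" links that keep window.opener.
const REQUIRED = ['noopener', 'noreferrer']; // rel tokens the post recommends
// rel is a whitespace-separated, case-insensitive token list.
function relTokens(rel) {
  return (rel || '').toLowerCase().split(/\s+/).filter(Boolean);
}

// Add the required tokens while keeping existing ones such as nofollow.
function hardenRel(rel) {
  const tokens = relTokens(rel);
  for (const t of REQUIRED) if (!tokens.includes(t)) tokens.push(t);
  return tokens.join(' ');
}

// Parse one start tag's attributes; as in HTML parsing, the first duplicate wins.
function parseAttributes(tag) {
  const attrs = Object.create(null);
  const re = /([^\s"'<>\/=]+)(?:\s*=\s*(?:"([^"]*)"|'([^']*)'|([^\s>]+)))?/g;
  for (const m of tag.replace(/^<\w+/, '').matchAll(re)) {
    const name = m[1].toLowerCase();
    if (!(name in attrs)) attrs[name] = m[2] ?? m[3] ?? m[4] ?? '';
  }
  return attrs;
}

// Return one finding per <a>, <area> or <form> start tag that targets _blank
// without both required rel tokens.
function auditBlankTargets(html) {
  const tagRe = /<(?:a|area|form)(?=[\s\/>])(?:"[^"]*"|'[^']*'|[^'">])*>/gi;
  const findings = [];
  for (const [tag] of html.matchAll(tagRe)) {
    const attrs = parseAttributes(tag);
    if ((attrs.target || '').toLowerCase() !== '_blank') continue;
    const tokens = relTokens(attrs.rel);
    const missing = REQUIRED.filter((t) => !tokens.includes(t));
    if (missing.length === 0) continue;
    // noreferrer on its own also severs opener, so flag exposure only if both are absent.
    const openerExposed = missing.length === REQUIRED.length;
    findings.push({ tag, missing, openerExposed, fixedRel: hardenRel(attrs.rel) });
  }
  return findings;
}

// Constructed sample markup (the example.com URLs are placeholders).
const sampleHtml = `<a href="https://example.com/a" target="_blank">no rel</a>
<a href="https://example.com/b" target="_BLANK" rel="nofollow">rel without noopener</a>
<a href='https://example.com/c' target=_blank rel="noopener noreferrer">hardened</a>
<a href="https://example.com/e" target="_blank" rel="NoReferrer">noreferrer only</a>
<abbr target="_blank">not a link</abbr>`;
console.log(auditBlankTargets(sampleHtml));
```

Each finding carries the offending tag, the missing tokens, and a fixedRel value that can be written back into the markup.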

Saturday, September 14, 2019

C# .net file Prepend

In C# .NET, there is no built-in feature for prepending to a file. However, if we want to write a file in reverse, we can read the lines from the end backward and write them in the usual way to a new file. This generates a reversed copy of the main file.

We can read in reverse as shown at https://www.blakepell.com/2010-11-29-backward-file-reader-vb-csharp-source - the only issue is that the line feed and carriage return characters need a backslash (\) in the code.

If we try to write using FileStream and use Seek(0, SeekOrigin.Begin) to position the write cursor at the beginning (or at an arbitrary position, by manipulating the offset and SeekOrigin), the existing contents will be overwritten.

We can then use insertion sort's trick: we copy-shift the contents down by the size of the new content and write at the determined position. The write overwrites the repeated contents created by our "copy-shift" operation.




So you can see the pain point of this raw technique for a large file.

Windows batch file - non-blocking command, function/subroutine and date-wise file name

Let's go through the below batch file, say ping.bat:

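REM REM means remark; it is the comment marker in a Windows batch file
REM Here we extract the year, month and day separately from %date% as sub-strings
REM The offsets below assume a %date% format like "Sun 09/22/2019"; the format depends on the regional settings

set year=%date:~10,4%
REM Substring syntax: variable:~start,length (zero-based start offset, then number of characters)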

set month=%date:~4,2%
set day=%date:~7,2%

REM We are naming a file along with the current year, month and day with the data derived above
set LOGFILE=pingtest-%year%-%month%-%day%.log

REM A subroutine LOG is called and output redirected to a file
call :LOG > %LOGFILE%

REM Non-blocking program execution, start /b will launch the command as a new process and our batch file will continue execution and finish separately
start /b notepad.exe %LOGFILE%

exit /B

:LOG
ping 192.168.1.1
ping 192.168.1.2
ping 192.168.1.3
ping google.com