Comment Re:Any editors with good auto-completion? (Score 1) 402
(And of course, it's eaten my HTML examples!)
Let's try again, with: '<div c' becoming '<div class="></div>
(And of course, it's eaten my HTML examples!)
Let's try again, with: '<div c' becoming '<div class="></div>
I wonder whether anyone has an editor with really good auto-completion suggestions.
For example, in HTML, I might type:
Alternatively, in PHP, I might type: forea
and the editor should offer me: foreach ($key => $val){
It should also be able to show the documentation for the functions within a tooltip, do inline syntax lint checking, and support refactoring.
So far, I would also mention "Brackets" and Github's "Atom" editors as worth looking at.
Personally, I found that dynamically generating my CSS from PHP is the solution. It's easy to understand, easy to write, cross platform, and (using the etag trick), has good performance and bandwidth use.
So I have a bunch of rules like this:
echo "body{ height:100%; background: $colour_body_bg; font-family: $fontface_body; color: $colour_body_text}\n";
Even better, I can support slightly different versions of the stylesheet by linking to "style.php?style=theme_name".
Then, to handle performance and bandwidth, I use etags. The browser will always cache this document at least 10 minutes. After that, it will check for a newer version, but the server will usually reply with 304 (unchanged).
$last_modified_time = filemtime(__FILE__);
$etag = md5_file(__FILE__);
header("Last-Modified: ".gmdate("D, d M Y H:i:s", $last_modified_time)." GMT");
header("Etag: $etag");
if (@strtotime($_SERVER['HTTP_IF_MODIFIED_SINCE']) == $last_modified_time ||
trim($_SERVER['HTTP_IF_NONE_MATCH']) == $etag) {
header("HTTP/1.1 304 Not Modified");
exit;
}
header("Cache-Control: max-age=600");
header("Content-type: text/css");
That would be ideal, but it requires elevated privileges (no idea why that should be). So I'd have to put it in a firefox extension.
I'm trying to protect normal users who may not be aware that their employer is MITMing them by providing them with a web browser which has been misconfigured into trusting the cert of an SSL proxy appliance.
How does DNSSEC help?
I'd like (ideally) to write a php script that would detect when my users are on "compromised" machines, and warn them.
What I want is to write some javascript that would send back to the server what the client *thinks* is my certificate fingerprint.
As the operator of the webserver, I certainly don't consent, even if the employee had no choice..
Is there any way to detect this server-side?
Why? If the connection is being MITMd, then both sides need to be able to figure this out.
There was a long discussion on this (regrettably rejected by the browser vendor) to allow the SSL fingerprint to be obtained in JS. That would make it reasonably easy for the site operator to verify that the SSL cert hadn't been tampered with. (Of course, a really evil proxy can scan for the JS, but that game of whack-a-mole is usually easier for the good guys to win, at least sometimes).
As a website operator, I want to know if my content is being MITMd en route to the user. I know about the SSL fingerprint trick that lets a really technical user discover proxying, but I want to automate this process server-side, and stick up a big banner to say "Your employer is snooping on this connection, please log in from a trusted machine" (and then I'll prevent the user from logging in).
I've never understood why we can't get the window-manager and the application to play nice, and share one bar. Usually, there's plenty of space horizontally, and too little vertically. So, why not have the combination of:
[icon] File Edit View History Bookmarks Tools Help
Of course . but the consumer could then have their favourite OS and phone. For example, I might like a Nokia running Android, while somone else might prefer an S5 with Windows. (What I really want is an iPad with Lubuntu).
But a dual-boot phone, especially if it shipped with both would be widely liked, I think.
True, but how many consumers would like a phone that can run their choice of OS? I certainly would.
If necessary, I'd even pay for MS as long as I don't have to use it. (as with almost all laptops)
If I can get a high-end Lumia and have Android, that would be amazing.
I've found twice now that, on reporting stolen devices (to the UK police), even if we know exactly where they are (trackers, phone home etc), there's no way to get the police to react (promptly) to go and get it back. If the police would quickly go and retrieve stolen devices, the problem would vanish.
Specifically, can we assume that any extension loaded into Firefox via the official extensions repository, is open-source, and that someone from Mozilla is checking the extension before an update is released?
To do nothing is to be nothing.