Konstantin Antselovich

Automated HTTPS Cookie Hijacking | fscked.org

Wednesday, September 17th, 2008

a note from security ppl that session/login cookies that normally delivered via https have to be explisidly marked as “secure” so they _only_ delivered via https. Otherwise bad ppl can hijack them.

Posted in cookies, for:charlesnw, for:collidr, programming, Security, ssl, web | Comments Off | permalink

Leisink Projects – Hiawatha [simple small secure web server ]

Thursday, July 3rd, 2008

Hiawatha is a webserver for Unix. It has been writting with ‘being secure’ as its main goal.

Posted in apache, embedded, Hiawatha, http_server, Linux, Security, server, sysadmin, web | Comments Off | permalink

How to Share Session State Between Classic ASP and ASP.NET

Wednesday, July 2nd, 2008

the subj. soluton creates COM object in .net that then is used by classic ASP to store sessions. ASP.net object stores session in SQL database

Posted in asp, asp.net, com_object, database, development, Microsoft, programming, session, sql, web, windows, windows_service | Comments Off | permalink

reddit – Trac [source code for reddit.com]

Thursday, June 19th, 2008

Interesting to look when u have a time. PS: looks like they are using git and found a way to integrate it into Trac, which is pretty cool

Posted in blog, code, development, git, opensource, programming, python, reddit, trac, web, web2.0 | Comments Off | permalink

Don’t use Pound for load balancing – Optimize Prime [use Ngnix]

Saturday, May 31st, 2008

another evidence that if u need a loadbalancer — ngnix is the answer these days [and maybe perlball]

Posted in architecture, loadbalancing, nginx, performance, scalability, sysadmin, web | Comments Off | permalink

InfoQ: Scalability Best Practices: Lessons from eBay

Friday, May 30th, 2008

the subj says it. good article

Posted in architecture, bestpractices, design, development, ebay, performance, scalability, web | Comments Off | permalink

Apache2::UploadProgress – Track the progress and give realtime feedback of file uploads – search.cpan.org

Thursday, May 29th, 2008

module that allows u to make upload progress bars

Posted in AJAX, apache, development, mod_perl, Perl, programming, web | Comments Off | permalink

James Henstridge » OpenID Attribute Exchange

Tuesday, May 27th, 2008

notes about what is Attribute Exchange (ax) in OpenID

Posted in ax, development, infrastructure, openid, Security, web, web2.0, webservices | Comments Off | permalink

protocols08cookies.pdf (application/pdf Object)

Thursday, May 22nd, 2008

[yet another one] proposal for secure session cookies

Posted in cookies, crypto, development, programming, Security, web | Comments Off | permalink

‘threads::shared’ in apache-modperl – MARC

Thursday, May 22nd, 2008

Links to some discussions and code samples, if you need to implement ‘use Threads’ in mod_perl apache (prefork MPM )

Posted in development, mod_perl, performance, Perl, programming, threads, web | Comments Off | permalink