Camp Technical Solutions anniversary event, presenting CAMP gear
by csreladm via CSSREEL | CSS Website Awards | World best websites | website design awards | CSS Gallery
The ArcShapeR is a sci-fi and fantasy platform. Its goal is to unite authors with readers who are passionate about sci-fi and fantasy.
We are an agency specializing in LEAD generation. Our services help companies capture customers and prospects and develop loyalty programs through digital media.
Landing page designed for OnDevice App responsive tool using vibrant colors and clean layout to help the visitors navigate through the page.
Clean website design for a London based IT startup created with subtle page animation to convey a professional and innovative approach.
This article is part of a series created in partnership with SiteGround. Thank you for supporting the partners who make SitePoint possible.
The web is based on a "same-origin" policy. Only code at mysite.com can access mysite.com's data in cookies, localStorage, Ajax requests etc. It is isolated from other domains so any access attempts from evilsite.com will be rejected.
Unfortunately, it's never that simple. Modern websites are complex and load a variety of third-party components, styles and scripts. A script loaded from another domain runs in the context of the current page and can do whatever it likes. That social networking button could monitor visitors, hijack login cookies, change page content and more. Even if you trust the third-party site, you could fall victim to a man-in-the-middle attack where the script is changed before it reaches you. Alternatively, it could permit users to launch their own Cross-Site Scripting (XSS) attacks.
By default, browsers implement an anything-goes approach. Fortunately, it's possible to apply restrictions using a Content Security Policy (CSP), which prevents unexpected security issues. A CSP tells the browser what's permitted, e.g. run JavaScript at mysite.com, but only from files and not from inline `<script>` tags.
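To make the "files only, no inline `<script>`" rule concrete, here is an added example (not code from the original article) that parses a CSP header value and decides whether a given script would be permitted. It is a simplified model of `script-src` matching, not a browser implementation; the function names and the `https://cdn.example` origin are assumptions made for illustration.

```javascript
// Simplified model of script-src matching. Real browsers also handle nonces,
// hashes, wildcards, scheme-only sources and 'strict-dynamic'; none are modelled.

// The policy the paragraph describes: scripts only from the site's own files.
const POLICY = "default-src 'self'; script-src 'self'";

// Parse a Content-Security-Policy header value into directive -> source list.
function parseCsp(header) {
  const directives = new Map();
  for (const part of header.split(';')) {
    const [name, ...sources] = part.trim().split(/\s+/);
    // Per the CSP spec, a repeated directive is ignored; the first one wins.
    if (name && !directives.has(name.toLowerCase())) {
      directives.set(name.toLowerCase(), sources);
    }
  }
  return directives;
}

// Origin of a full-URL source expression, or null if it is not a parseable URL.
function originOf(source) {
  try { return new URL(source).origin; } catch { return null; }
}

// script: { src: 'url' } for an external file, { inline: true } for an inline <script>.
function scriptAllowed(header, pageOrigin, script) {
  const directives = parseCsp(header);
  // script-src falls back to default-src when absent.
  const sources = directives.get('script-src') ?? directives.get('default-src');
  if (sources === undefined) return true; // no policy: the anything-goes default
  if (script.inline) return sources.includes("'unsafe-inline'");
  const origin = new URL(script.src, pageOrigin).origin;
  if (origin === pageOrigin && sources.includes("'self'")) return true;
  // Keywords such as 'none' start with a quote and never match an origin.
  return sources.some((s) => !s.startsWith("'") && originOf(s) === origin);
}
```

With `POLICY`, a file served from mysite.com passes, while an inline block or a script from evilsite.com is refused; adding a third-party origin to `script-src` is an explicit decision to trust it.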
Continue reading: How to Get Started with Your Website Content Security Policy