Yii Framework Forum: PHPKonf, Insanbul, Turkey - Yii Framework Forum

Jump to content

Page 1 of 1
  • You cannot start a new topic
  • You cannot reply to this topic

PHPKonf, Insanbul, Turkey 21—22 May 2016

#1 User is offline   samdark 

  • Having fun
  • Yii
  • Group: Yii Dev Team
  • Posts: 5,184
  • Joined: 17-January 09
  • Location:Russia

Posted 25 March 2016 - 12:22 PM

Will speak at PHPKonf this year. Topic is "Security: from basic principles to PHP specifics".

http://phpkonf.org/
Yii 2.0 Development Cookbook

Enjoying Yii? Star us at github

Support me so I can work more on Yii: https://www.patreon.com/samdark
0

#2 User is offline   samdark 

  • Having fun
  • Yii
  • Group: Yii Dev Team
  • Posts: 5,184
  • Joined: 17-January 09
  • Location:Russia

Posted 06 June 2016 - 08:50 AM

Slides from the talk: http://slides.rmcrea...pkonf-security/
Yii 2.0 Development Cookbook

Enjoying Yii? Star us at github

Support me so I can work more on Yii: https://www.patreon.com/samdark
1

#3 User is offline   hrnair 

  • Standard Member
  • PipPip
  • Yii
  • Group: Members
  • Posts: 243
  • Joined: 09-December 12

Posted 09 June 2016 - 09:11 PM

good presentation. I do not know how target="_blank" is unsafe. I am using it in my pages. Any clue?
0

#4 User is offline   samdark 

  • Having fun
  • Yii
  • Group: Yii Dev Team
  • Posts: 5,184
  • Joined: 17-January 09
  • Location:Russia

Posted 10 June 2016 - 04:43 AM

https://mathiasbynen...o/rel-noopener/
Yii 2.0 Development Cookbook

Enjoying Yii? Star us at github

Support me so I can work more on Yii: https://www.patreon.com/samdark
0

#5 User is offline   hrnair 

  • Standard Member
  • PipPip
  • Yii
  • Group: Members
  • Posts: 243
  • Joined: 09-December 12

Posted 10 June 2016 - 10:44 AM

Thank you.
0

#6 User is offline   hrnair 

  • Standard Member
  • PipPip
  • Yii
  • Group: Members
  • Posts: 243
  • Joined: 09-December 12

Posted 12 June 2016 - 05:50 AM

View Postsamdark, on 10 June 2016 - 04:43 AM, said:



I was using target="_blank" for the unsafe user submitted external links. These were used because the external links were used in a results page loaded by ajax and I thought of keeping the results page undisturbed.

In the browsers in my PC, the following code works ok, but do you think if this is a solution for all browsers?

	public function actionRedir($url) {
		return "<!DOCTYPE html>
			<html><head><meta http-equiv=\"Content-Type\" content=\"text/html; charset=UTF-8\">
			<p>redirecting..</p>
			<script>
				if (window.opener) {opener=null;}
				window.location='".urldecode($url)."';
			</script>
			</body></html>";
	}


Thanks for your time.
0

#7 User is offline   samdark 

  • Having fun
  • Yii
  • Group: Yii Dev Team
  • Posts: 5,184
  • Joined: 17-January 09
  • Location:Russia

Posted 12 June 2016 - 04:40 PM

Yes. It should be OK for all browsers that execute JavaScript.
Yii 2.0 Development Cookbook

Enjoying Yii? Star us at github

Support me so I can work more on Yii: https://www.patreon.com/samdark
0

#8 User is offline   hrnair 

  • Standard Member
  • PipPip
  • Yii
  • Group: Members
  • Posts: 243
  • Joined: 09-December 12

Posted 13 June 2016 - 07:44 AM

thanks again..
0

#9 User is offline   IQ_ 

  • Newbie
  • Yii
  • Group: Members
  • Posts: 1
  • Joined: 06-October 16

Posted 06 October 2016 - 04:35 AM

Thanks :)
0

Share this topic:


Page 1 of 1
  • You cannot start a new topic
  • You cannot reply to this topic

1 User(s) are reading this topic
0 members, 1 guests, 0 anonymous users