17 Matching Annotations
  1. Nov 2023
  2. Sep 2023
  3. Apr 2021
  4. Mar 2021
  5. Feb 2021
    1. As soon as you're displaying content from another domain, you're basically trusting that domain not to serve-up malware. There's nothing wrong with iframes per se. If you control the content of the iframe, they're perfectly safe.
  6. Jan 2021
  7. Nov 2020
    1. obviously it's too late, but it's a good practice to keep the 3rd party dependencies mirrored in your own infrastructure :) There is NO GUARANTEE that even a huge site (like launchpad for downloading DEBs) won't go down over a period of time.
  8. Aug 2020
    1. The straightforward solution to integrate WPML with third party translation services was to do it via dedicated plugins. A separate plugin for each company offering translation services could do the trick. However, this approach had a few drawbacks. For example, WPML developers would need to update and test all these plugins whenever the WPML core plugins received an update, and vice versa; when the API used by the external service changed, you needed to incorporate the change to WPML and test it as well.
  9. Jul 2020
    1. If you have worked with emails before, the idea of placing a script into an email may set off alarm bells in your head! Rest assured, email providers who support AMP emails enforce fierce security checks that only allow vetted AMP scripts to run in their clients. This enables dynamic and interactive features to run directly in the recipients mailboxes with no security vulnerabilities! Read more about the required markup for AMP Emails here.
  10. May 2020
    1. Free data-driven attribution model Use Google’s advanced machine learning to more accurately distribute credit to all ad clicks that led to a conversion

      In other words, "just trust us" to magically figure it all out.

      I'd trust you more if you explained more about how do it. Maybe if I clicked "Learn more"?

    1. The "'strict-dynamic'" source expression aims to make Content Security Policy simpler to deploy for existing applications who have a high degree of confidence in the scripts they load directly, but low confidence in their ability to provide a reasonable list of resources to load up front.
  11. Apr 2020
    1. There is MiniKeePass on the iOS App Store, but I'm not sure if I trust it not to make off with my data. Also, syncing between my PC and the app would be a pain. (1Password has local WiFi sync) There is also KeeFox for Firefox integration, but I'm not sure if I trust that either. In short, I trust KeePass itself, but I'm not sure if I can trust the third-party developers of the mobile app and browser extension.
  12. Mar 2020
  13. www.graphitedocs.com www.graphitedocs.com
    1. Own Your Encryption KeysYou would never trust a company to keep a record of your password for use anytime they want. Why would you do that with your encryption keys? With Graphite, you don't have to. You own and manage your keys so only YOU can decrypt your content.
    1. Please consider that using this method means that you do not directly block the vendor scripts yourself, therefore, the success of this method depends heavily on the individual vendors’ adherence to regulation.