About:

April King is interested in job opportunities in Minneapolis—Saint Paul or remote work.

Website:

Interests:

Remote work, Minneapolis—Saint Paul

Outgoing Links:

Sindre Sorhus

The text discusses the complexities of handling cookies in web development, highlighting the differences in behavior between different web browsers and programming languages. It emphasizes the potential catastrophic consequences o...
The text discusses the advantages and disadvantages of using long-lived refresh tokens that generate short-lived access tokens as commonly seen in OAuth 2.0, versus long-lived access tokens. It explains the definitions of access t...
The text provides recommendations for developers and system administrators to follow when serving documents over HTTP. It explains the safe header values for different use cases, such as API calls, direct messages, and static, ver...
The text discusses the analysis of the Alexa Top 1M sites in April 2019. It highlights the usage rates of modern defensive security technologies and the improvement in the state of web security. The overall growth in adoption of t...
The text discusses the lore of Magic: The Gathering - BattleMage, a real-time strategy game released in 1997. It contains an incredible amount of lore from early Magic history, which was long-since considered lost to the Vorthos c...
The text discusses the analysis of the Alexa Top 1M websites in February 2018. It highlights the usage rates of modern defensive security technologies and the improvements in internet security. The analysis shows a steady rate of ...
The author discusses HTTP status codes and how different browsers handle unknown status codes. They found that different browsers have wildly different behavior with how they handle unknown HTTP status codes. The author also menti...
The author discusses the results of a scan of the Alexa Top 1M websites, focusing on the usage rates of modern defensive security technologies. The situation appears to be improving, with the use of technologies such as Content Se...
The text discusses the difficulties of reading cards in MTGO streams and recordings due to the small rendering area and the large amount of text. The author explains the benefits of recording in 4K and the technical details of how...

Understanding CORS

2016-11-29

The text explains the CORS (Cross-Origin Resource Sharing) specification and provides simple examples to understand it. It also warns about the risks of using Access-Control-Allow-Credentials.
The author ran a scan of the Alexa Top 1M websites using the Mozilla Observatory in April 2016 and October 2016. The results showed a significant improvement in the security technologies across the top million sites. The percentag...
Let's Encrypt now supports internationalized domain names, allowing certs with non-ASCII characters. The author explains how to transform Unicode into Punycode and set up DNS and nginx configuration to request a cert using Let's E...
Observatory by Mozilla is a tool to raise awareness of security measures for websites. It uses a simple grading system to provide feedback on site improvements. The tool has been used to scan over 1.3 million websites, and 91% of ...
The author discusses how X-Content-Type-Options: nosniff interacts with passive content, and how different browsers handle incorrect MIME types. The author tested different scenarios with images and audio files and found that diff...
The text discusses the topic of offensive playmats in Magic and the controversy surrounding them. The author, a judge, shares their experiences and opinions on the matter, emphasizing that judges use their best judgment to determi...
The text discusses the usage of Content Security Policy (CSP) in the Alexa Top 1M sites. It highlights the low utilization of CSP among popular websites and the common errors found in CSP policies.
The text discusses the poor security of the Alexa Top 1M sites, as revealed by the Mozilla HTTP Observatory. It highlights the low percentages of sites using security measures such as CSP, Cookies, CORS, HTTPS, and more. The autho...
The author, a security professional, decided to implement Content Security Policy (CSP) on her personal website. However, she encountered issues with SVG files not rendering properly due to the CSP policy. After some research, she...
The author discusses the difficulty of installing custom ringtones on an iPhone and how to create an ascending ringtone using ffmpeg.