• 1 Post
  • 17 Comments
Joined 1 year ago
cake
Cake day: July 21st, 2023

help-circle




  • Generally I’m not against w3 schools for quickly checking the syntax of something or how to use a specific method, but I always try stay clear of their larger code examples.

    I was learning PHP a couple years back for some hobby side projects I was working on. They provide some code here about how to connect to an SQL database. I ended up using this code for almost a year on some publicly hosted sites.

    The code they provided isn’t secure, though. It can output database errors to the client, and give away information about your database which a random user shouldn’t have access to.

    Additionally, the beginning few pages for their SQL insertion examples doesn’t mention anywhere that you should be using prepared statements. There is a page slightly further down, but for the average person learning the language, there’s no reason for them not to just copy parts the extremely insecure code and use it in their projects.

    W3 schools imo is great for quickly checking up on something, but generally it’s probably better to avoid their examples and look up the language standards somewhere else.



  • Yeah, I was super gutted when I found out. Apparently it did use to work in the past when they used to serve the ads from different servers, but not any more, unfortunately. It’s not completely pointless to install, though. It provides some great software out the box to monitor internet traffic on your network, and I’m pretty sure that in some cases it can speed up your internet by acting as a self-hosted DNS server.

    The reason UBlock works, is because it has direct access to the HTML, CSS and JavaScript sent to you. It can alter the web page directly. UBlock scans all the web pages you load, and automatically removes anything it recognizes as an ad. There’s a lot more to it than just that, and it’s a really clever tool, but essentially what it does is directly alter the code of the web page. Unfortunately, this isn’t really possible to do from another device on your network. I did look into somehow setting up a device which scans all incoming traffic like Ublock does, and then removes adverts similarly, but this isn’t really possible since HTTPS traffic is encrypted. Any attempt at removing the encryption would likely result in a heap of issues to using various services, and you’ll likely get constant warnings on your browser about a page being insecure e.t.c.



  • Not sure if you meant pihole or not, but if you did, I thought I’d just mention that a pihole doesn’t remove ads on YouTube due to the fact that the ads and the videos are served from the same server. You block the ads, you block the videos. Made me quite sad after I set my one up.

    Unless you didn’t mean pihole, in which case do enlighten me as to what a pinhole is :))