subtls
Our great sponsors
| subtls | psl-problems | |
|---|---|---|
| 20 | 4 | |
| 349 | 102 | |
| - | - | |
| 8.0 | 0.0 | |
| about 2 months ago | over 4 years ago | |
| JavaScript | ||
| MIT License | - |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
subtls
- See this page fetch itself, byte by byte, over TLS
-
A beginner's guide to constant-time cryptography (2017)
Thanks, that’s a helpful summary. I knew about the ed25519 issue (but not the others) from writing this: https://github.com/jawj/subtls
- Learn and Test DMARC
- A TypeScript TLS 1.3 Client
- TLS, byte by byte
-
Taking Care of Your Mental Health as a Software Developer 🧠
🧪 Experiment - See this page fetch itself, byte by byte, over TLS. Learn about TLS by seeing how a page is downloaded.
psl-problems
-
See this page fetch itself, byte by byte, over TLS
Ryan Sleevi has written about this before on Hacker News and here's his list https://github.com/sleevi/psl-problems
It's definitely possible that Ryan would consider using this for HN a reasonable choice, because it's mostly cosmetic, but in general you should just not add more dependencies.
- Public Suffix List Problems
-
Public Suffix List
Before you begin to make use of the PSL, consider some of its problems: https://github.com/sleevi/psl-problems
FWIW, the link above successfully convinced me and a coworker not to use the PSL.
-
W3C slaps down Google's proposal to treat multiple domains as same origin
(googler here, but this is my opinion)
I think there's a big abstraction gap between what we use domains for and what they were supposed to be used for, in a way that we shouldn't assume any ownership only based on the domain itself.
For instance you can have a number of sites that use separate domains but are owned by the same entity (N domains for 1 party). You could also have the same base domain being used for several unrelated parties, think hosting a store on Shopify (1 domain for N parties). This is so ambiguous that even inside the browser you have two different implementations on the way you handle this attribution, one for cookies and one for Single-Origin Policy.
There's a good write up about this problem at https://github.com/sleevi/psl-problems. Sometimes I wonder how the web got here with the amount of kludge that we have to carry.
What are some alternatives?
ipyflow - A reactive Python kernel for Jupyter notebooks.
first-party-sets
idiomorph - A DOM-merging algorithm
list - The Public Suffix List
scheme-for-max - Max/MSP external for scripting and live coding Max with s7 Scheme Lisp
standards-positions
Civet - A TypeScript superset that favors more types and less typing
fenced-frame - Proposal for a strong boundary between a page and its embedded content
drummachine
sansio-tld-parser - A top level domain parser with no builtin io.
formkiq-core - A full-featured Document Layer for your application, providing the functionality of a flexible document management system, including storage, discovery, processing, and retrieval. Deploys directly into your Amazon Web Services Cloud. 🌟 Star to support our work!
ts-liveview - Build hybrid SSG and SSR realtime SPA/MPA with Typescript