A Slightly Snarky Overview of Security for Apache Tomcat

Apache Tomcat crops up a lot, and it has frequently been configured by someone without much of a security background. I’ll spend a little time looking at some of what you can do to improve security at a high level - I won’t be giving step-by-step instructions, just trying to provide a feel for what the security features can do. For implementation details, you should take a look at the official documentation. Tomcat 7’s security documentation is at Tomcat Security Considerations. For the most part I’m using their documentation as a reference to put together this post,...

Chrome Fullscreen SVG and Javascript Animations

Recently I have been working on a small web application which uses JavaScript to animate and interact with an SVG. I wanted to fullscreen the SVG with the animation running. To do this, I used the fullscreen API, but quickly discovered differences between browsers. In particular, while Firefox would provide a true full screen for a given element - that is, scale the element to the full screen - Chrome would turn off all other elements, but leave the element being fullscreened the same size, as pictured. ![Chrome version of fullscreen](/assets/posts/fullscreen-svg-and-js-animations/chrome-fullscreen.png) Since that wasn't acceptable, the next thing I did was...

Creating Gnome-Shell Shortcuts

Creating a shortcut in Gnome-Shell is a bit harder than it was in the classic Gnome 2 desktop. There are some applications you can use that will build the shortcut file itself for you, but you still need to know where to place it. Here we'll build up a simple shortcut file, and place it into the current user's environment so it gets picked up by Gnome-Shell.

The Shortcut File
=================

The shortcut file is a relatively simple format. You can find more details at the [Gnome Developer site](https://developer.gnome.org/desktop-entry-spec/), but for simple cases the following format should work for you....

Forcing YouTube to Restricted Mode with Javascript

Background
----------

Recently I enabled Safe Search Enforcement on a Palo Alto firewall. This blocks search results from Google, Bing, Yahoo, YouTube, and Yandex if their respective versions of safe search aren't enabled. By using the JavaScript code that Palo Alto provides (you can see it in the [Administrator's Guide PDF](https://www.paloaltonetworks.com/content/dam/paloaltonetworks-com/en_US/assets/pdf/framemaker/61/pan-os/pan-os.pdf), page 414) you can automatically redirect three of these sites to the safe search version: Google, Bing and Yahoo. Since a number of our users needed YouTube access, and YouTube defaults to having "Restricted Mode" (Safe Search) off, I needed a way to automatically enable it so users don't...

Adding Bootstrap CSS as a Git Subtree

[Bootstrap](http://getbootstrap.com/) is a popular web frontend framework for both CSS and JavaScript. Since I used CSS components from Bootstrap in the recent rework of my site, I wanted to clean things up and reduce the amount of CSS required to render the site. The first step in the process was getting the Sass version of Bootstrap from [GitHub](https://github.com/twbs/bootstrap-sass). Obviously just copying the files into the _sass folder isn’t a very clean way of doing things. Since I store the site in Git and the source is on GitHub, I wanted to use a subtree. To make things harder,...