Search completed in 0.94 seconds.
Reason: invalid token ‘xyz’ in CORS header ‘Access-Control-Allow-Headers’ - HTTP
reason reason: invalid token ‘xyz’ in cors
header ‘access-control-allow-
headers’ what went wrong?
... the response to the cors request that was sent by the server includes an access-control-allow-
headers
header which includes at least one invalid
header name.
... the access-control-allow-
headers
header is sent by the server in response to a preflight request; it lets the client know which http
headers are permitted in cors requests.
...And 2 more matches
Reason: missing token ‘xyz’ in CORS header ‘Access-Control-Allow-Headers’ from CORS preflight channel - HTTP
reason reason: missing token ‘xyz’ in cors
header ‘access-control-allow-
headers’ from cors preflight channel what went wrong?
... the access-control-allow-
headers
header is sent by the server to let the client know which
headers it supports for cors requests.
... the value of access-control-allow-
headers should be a comma-delineated list of
header names, such as "x-custom-information" or any of the standard but non-basic
header names (which are always allowed).
...And 2 more matches
HTTP headers - HTTP
http
headers let the client and the server pass additional information with an http request or response.
... an http
header consists of its case-insensitive name followed by a colon (:), then by its value.
... custom proprietary
headers have historically been used with an x- prefix, but this convention was deprecated in june 2012 because of the inconveniences it caused when nonstandard fields became standard in rfc 6648; others are listed in an iana registry, whose original content was defined in rfc 4229.
...And 52 more matches
Headers - Web APIs
the
headers interface of the fetch api allows you to perform various actions on http request and response
headers.
... these actions include retrieving, setting, adding to, and removing
headers from the list of the request's
headers.
... a
headers object has an associated
header list, which is initially empty and consists of zero or more name and value pairs.
...And 24 more matches
nsIMsgHeaderParser
nsimsg
headerparser defined in comm-central/ mailnews/ mime/ public/ nsimsg
headerparser.idl mailnews/mime/public/nsimsg
headerparser.idlscriptable ???
... inherits from: nsisupports last changed in gecko 1.9 (firefox 3) to create an instance, use: var msg
headerparser = components.classes["@mozilla.org/messenger/
headerparser;1"] .createinstance(components.interfaces.nsimsg
headerparser); method overview string extract
headeraddressmailboxes(in string line); void extract
headeraddressname(in string line, out string name); void extract
headeraddressnames(in string line, out string usernames); astring makefulladdress(in astring aname, in astring aaddress); string makefulladdressstring(in string aname, in string aaddress); wstring makefulladdresswstring(in wstring name, in wstring addr); obsolete since gecko 1.9 void parseh...
...eaderaddresses(in string line, out string names, out string addresses, out pruint32 numaddresses); void parse
headerswitharray(in wstring aline, [array, size_is(count)] out wstring aemailaddresses, [array, size_is(count)] out wstring anames, [array, size_is(count)] out wstring afullnames, [retval] out unsigned long count); void reformat
headeraddresses(in string line, out string reformattedaddress); wstring reformatunquotedaddresses(in wstring line); void removeduplicateaddresses(in string addrs, in string other_addrs, in prbool removealiasestome, out string newaddress); string unquotephraseoraddr(in string line, in boolean preserveintegrity); wstring unquotephraseoraddrwstring(in wstring line, in boolean preserveintegrity); methods ext...
...And 20 more matches
Setting HTTP request headers
in addition to the actual content, some important information is passed with http
headers for both http requests and responses.
... you can add your own http
headers to any request the application makes, whether the request is initiated by your code explicitly opening an http channel, because of xmlhttprequest activity, an <img> element in content, or even from css.
...the nsihttpchannel interface has a number of properties and methods, but the method that is of interest to us is setrequest
header.
...And 17 more matches
Access-Control-Allow-Headers - HTTP
the access-control-allow-
headers response
header is used in response to a preflight request which includes the access-control-request-
headers to indicate which http
headers can be used during the actual request.
... this
header is required if the request has an access-control-request-
headers
header.
...
header type response
header forbidden
header name no syntax access-control-allow-
headers: <
header-name>[, <
header-name>]* access-control-allow-
headers: * directives <
header-name> the name of a supported request
header.
...And 10 more matches
XMLHttpRequest.setRequestHeader() - Web APIs
the xmlhttprequest method setrequest
header() sets the value of an http request
header.
... when using setrequest
header(), you must call it after calling open(), but before calling send().
... if this method is called several times with the same
header, the values are merged into one single request
header.
...And 9 more matches
XMLHttpRequest.getAllResponseHeaders() - Web APIs
the xmlhttprequest method getallresponse
headers() returns all the response
headers, separated by crlf, as a string, or returns null if no response has been received.
... note: for multipart requests, this returns the
headers from the current part of the request, not from the original channel.
... syntax var
headers = xmlhttprequest.getallresponse
headers(); parameters none.
...And 8 more matches
Installing headers using EXPORTS
public
headers and idl files are copied during the export phase of the build.
... this is accomplished by setting make variables telling the build system which module the
headers are for (since
headers are organized by module under <tt>dist/include</tt>), and which
headers need to be created from idl files by xpidl.
... for all <tt>makefile.in</tt>s which export public
headers, you should set module to the module name where the files should be copied to in <tt>dist/include</tt>.
...And 6 more matches
customDBHeaders Preference
as you follow along the step-by-step guide in creating a custom column, you may want to consider a preference setting that exposes custom
header data for use in a custom column within thunderbird's main view.
... the mailnews.customdb
headers preference will be our focus.
...the data will come from a custom
header labeled x-superfluous.
...And 6 more matches
XMLHttpRequest.getResponseHeader() - Web APIs
the xmlhttprequest method getresponse
header() returns the string containing the text of a particular
header's value.
... if there are multiple response
headers with the same name, then their values are returned as a single concatenated string, where each value is separated from the previous one by a pair of comma and space.
... the getresponse
header() method returns the value as a utf byte sequence.
...And 6 more matches
<header> - HTML: Hypertext Markup Language
the html <
header> element represents introductory content, typically a group of introductory or navigational aids.
... permitted content flow content, but with no <
header> or <footer> descendant.
...note that a <
header> element must not be a descendant of an <address>, <footer> or another <
header> element.
...And 6 more matches
Request header - MDN Web Docs Glossary: Definitions of Web-related terms
a request
header is an http
header that can be used in an http request, and that doesn't relate to the content of the message.
... request
headers, like accept, accept-*, or if-* allow to perform conditional requests; others like cookie, user-agent, or referer precise the context so that the server can tailor the answer.
... not all
headers appearing in a request are request
headers.
...And 5 more matches
nsIHttpHeaderVisitor
netwerk/protocol/http/nsihttp
headervisitor.idlscriptable this interface is used to view http request and response
headers.
... inherits from: nsisupports last changed in gecko 1.7 method overview void visit
header(in acstring a
header, in acstring avalue); methods visit
header() called by the nsihttpchannel implementation when visiting request and response
headers.
... this method can throw an exception to terminate enumeration of the channel's
headers.
...And 5 more matches
Headers.append() - Web APIs
the append() method of the
headers interface appends a new value onto an existing
header inside a
headers object, or adds the
header if it does not already exist.
... the difference between set() and append() is that if the specified
header already exists and accepts multiple values, set() will overwrite the existing value with the new one, whereas append() will append the new value onto the end of the set of values.
... for security reasons, some
headers can only be controlled by the user agent.
...And 5 more matches
Headers.get() - Web APIs
the get() method of the
headers interface returns a byte string of all the values of a
header within a
headers object with a given name.
... if the requested
header doesn't exist in the
headers object, it returns null.
... for security reasons, some
headers can only be controlled by the user agent.
...And 5 more matches
Headers.getAll() - Web APIs
the getall() method of the
headers interface used to return an array of all the values of a
header within a
headers object with a given name; in newer versions of the fetch spec, it has been deleted, and
headers.get() has been updated to fetch all
header values instead of only the first one.
... if the requested
header doesn't exist in the
headers object, it returns an empty array.
... for security reasons, some
headers can only be controller by the user agent.
...And 5 more matches
Headers.set() - Web APIs
the set() method of the
headers interface sets a new value for an existing
header inside a
headers object, or adds the
header if it does not already exist.
... the difference between set() and
headers.append is that if the specified
header already exists and accepts multiple values, set() overwrites the existing value with the new one, whereas
headers.append appends the new value to the end of the set of values.
... for security reasons, some
headers can only be controller by the user agent.
...And 5 more matches
HTTP header - MDN Web Docs Glossary: Definitions of Web-related terms
an http
header is a field of an http request or response that passes additional information, altering or precising the semantics of the message or of the body.
...
headers are case-insensitive, begins at the start of a line and are immediately followed by a ':' and a value depending of the
header itself.
... traditionally,
headers are classed in categories, though this classification is no more part of any specification: general
header:
headers applying to both requests and responses but with no relation to the data eventually transmitted in the body.
...And 4 more matches
Response header - MDN Web Docs Glossary: Definitions of Web-related terms
a response
header is an http
header that can be used in an http response and that doesn't relate to the content of the message.
... response
headers, like age, location or server are used to give a more detailed context of the response.
... not all
headers appearing in a response are response
headers.
...And 4 more matches
Reason: CORS header 'Access-Control-Allow-Origin' missing - HTTP
reason reason: cors
header 'access-control-allow-origin' missing what went wrong?
... the response to the cors request is missing the required access-control-allow-origin
header, which is used to determine whether or not the resource can be accessed by content operating within the current origin.
... if the server is under your control, add the origin of the requesting site to the set of domains permitted access by adding it to the access-control-allow-origin
header's value.
...And 4 more matches
Access-Control-Expose-Headers - HTTP
the access-control-expose-
headers response
header indicates which
headers can be exposed as part of the response by listing their names.
... by default, only the 7 cors-safelisted response
headers are exposed: cache-control content-language content-length content-type expires last-modified pragma if you want clients to be able to access other
headers, you have to list them using the access-control-expose-
headers
header.
...
header type response
header forbidden
header name no syntax access-control-expose-
headers: <
header-name>, <
header-name>, ...
...And 4 more matches
CORS-safelisted request header - MDN Web Docs Glossary: Definitions of Web-related terms
a cors-safelisted request
header is one of the following http
headers: accept, accept-language, content-language, content-type.
... when containing only these
headers (and values that meet the additional requirements laid out below), a requests doesn't need to send a preflight request in the context of cors.
... you can safelist more
headers using the access-control-allow-
headers
header and also list the above
headers there to circumvent the following additional restrictions: additional restrictions cors-safelisted
headers must also fulfill the following requirements in order to be a cors-safelisted request
header: for accept-language and content-language: can only have values consisting of 0-9, a-z, a-z, space or *,-.;=.
...And 3 more matches
Headers() - Web APIs
the
headers() constructor creates a new
headers object.
... syntax var my
headers = new
headers(init); parameters init optional an object containing any http
headers that you want to pre-populate your
headers object with.
... this can be a simple object literal with bytestring values; or an existing
headers object.
...And 3 more matches
Headers.delete() - Web APIs
the delete() method of the
headers interface deletes a
header from the current
headers object.
... this method throws a typeerror for the following reasons: the value of the name parameter is not the name of an http
header.
... for security reasons, some
headers can only be controller by the user agent.
...And 3 more matches
Headers.has() - Web APIs
the has() method of the
headers interface returns a boolean stating whether a
headers object contains a certain
header.
... for security reasons, some
headers can only be controlled by the user agent.
... these
headers include the forbidden
header names and forbidden response
header names.
...And 3 more matches
Reason: CORS header 'Access-Control-Allow-Origin' does not match 'xyz' - HTTP
reason reason: cors
header 'access-control-allow-origin' does not match 'xyz' what went wrong?
... simply put, the origin making the request does not match any of the origins permitted by the access-control-allow-origin
header.
... this error can also occur if the response includes more than one access-control-allow-origin
header.
...And 3 more matches
Forbidden header name - MDN Web Docs Glossary: Definitions of Web-related terms
a forbidden
header name is the name of any http
header that cannot be modified programmatically; specifically, an http request
header name (in contrast with a forbidden response
header name).
... modifying such
headers is forbidden because the user agent retains full control over them.
... names starting with `sec-` are reserved for creating new
headers safe from apis using fetch that grant developers control over
headers, such as xmlhttprequest.
...And 2 more matches
nsIHTTPHeaderListener
modules/plugin/base/public/nsihttp
headerlistener.idlscriptable this interface allows plugin authors to access http response
headers after issuing an nsipluginhost.geturl or nsipluginhost.posturl call.
... inherits from: nsisupports last changed in gecko 1.9 (firefox 3) note: the plugin author must provide an instance to {geturl,posturl}() that implements both nsipluginstreamlistener and nsihttp
headerlistener.
...the browser will then qi this streamlistener to see if it implements nsihttp
headerlistener.
...And 2 more matches
Reason: invalid token ‘xyz’ in CORS header ‘Access-Control-Allow-Methods’ - HTTP
reason reason: invalid token ‘xyz’ in cors
header ‘access-control-allow-methods’ what went wrong?
... the response to the cors request that was sent by the server includes an access-control-allow-methods
header which includes at least one invalid method name.
... the access-control-allow-methods
header is sent by the server to let the client know what http request methods it supports for cors requests.
...And 2 more matches
431 Request Header Fields Too Large - HTTP
the http 431 request
header fields too large response status code indicates that the server refuses to process the request because the request’s http
headers are too long.
... the request may be resubmitted after reducing the size of the request
headers.
... 431 can be used when the total size of request
headers is too large, or when a single
header field is too large.
...And 2 more matches
Referer header: privacy and security concerns - Web security
there are privacy and security risks associated with the referer http
header.
... the referrer problem the referer (sic)
header contains the address of the previous web page from which a link to the currently requested page was followed, which has lots of fairly innocent uses including analytics, logging, or optimized caching.
... you can also mitigate such risks using: the referrer-policy
header on your server to control what information is sent through the referer
header.
...And 2 more matches
Entity header - MDN Web Docs Glossary: Definitions of Web-related terms
an entity
header is an http
header that can be used in an http request or response, and describes the content of the body of themessage.
...
headers like content-length, content-language, content-encoding are entities
headers.
... even if they are neither request, nor response
headers, entity
headers are often included in such terms.
... a few request
headers after a get request: in the following example, content-length is an entity
header, while host and user-agent are requests
headers: post /myform.html http/1.1 host: developer.mozilla.org user-agent: mozilla/5.0 (macintosh; intel mac os x 10.9; rv:50.0) gecko/20100101 firefox/50.0 content-length: 128 learn more technical knowledge list of all http
headers ...
Fetch metadata request header - MDN Web Docs Glossary: Definitions of Web-related terms
a fetch metadata request
header is a http request
header that provides additional information about the context the request originated from.
... these
header names are prefixed with sec- and thus they are forbidden
header names so
headers can not be modified from javascript.
... fetch metadata request
headers provide the server with additional information about where the request originated from, enabling it to ignore potentially malicious requests.
... the following are fetch metadata request
headers: sec-fetch-site sec-fetch-mode sec-fetch-user sec-fetch-dest ...
General header - MDN Web Docs Glossary: Definitions of Web-related terms
a general
header is an http
header that can be used in both request and response messages but doesn't apply to the content itself.
... depending on the context they are used in, general
headers are either response or request
headers.
... however, they are not entity
headers.
... the most common general
headers are date, cache-control or connection.
Request.headers - Web APIs
the
headers read-only property of the request interface contains the
headers object associated with the request.
... syntax var my
headers = request.
headers; value a
headers object.
... example in the following snippet, we create a new request using the request.request() constructor (for an image file in the same directory as the script), then save the request
headers in a variable: var myrequest = new request('flowers.jpg'); var my
headers = myrequest.
headers; //
headers {} to add a
header to the
headers object we use
headers.append; we then create a new request along with a 2nd init parameter, passing
headers in as an init option: var my
headers = new
headers(); my
headers.append('content-type', 'image/jpeg'); var myinit = { method: 'get',
headers: my
headers, mode: 'cors', cache: 'default' }; var myrequest = new request('flowers.jpg', myinit); mycontenttype = myrequest.
headers.get('content-type'); // returns 'image/jpeg' specifications specification ...
... status comment fetchthe definition of '
headers' in that specification.
Response.headers - Web APIs
the
headers read-only property of the response interface contains the
headers object associated with the response.
... syntax var my
headers = response.
headers; value a
headers object.
... note that at the top of the fetch() block we log the response
headers value to the console.
... var myimage = document.queryselector('img'); var myrequest = new request('flowers.jpg'); fetch(myrequest).then(function(response) { console.log(response.
headers); // returns a
headers{} object response.blob().then(function(myblob) { var objecturl = url.createobjecturl(myblob); myimage.src = objecturl; }); }); specifications specification status comment fetchthe definition of '
headers' in that specification.
Reason: Did not find method in CORS header ‘Access-Control-Allow-Methods’ - HTTP
reason reason: did not find method in cors
header ‘access-control-allow-methods’ what went wrong?
... the http method being used by the cors request is not included in the list of methods specified by the response's access-control-allow-methods
header.
... this
header specifies a comma-delineated list of the http methods which may be used when using cors to access the url specified in the request; if the request is using any other method, this error occurs.
... note: if the server includes any unrecognized or undefined method names in its access-control-allow-methods
header, a different error occurs: reason: invalid token ‘xyz' in cors
header ‘access-control-allow-methods’.
Access-Control-Request-Headers - HTTP
the access-control-request-
headers request
header is used by browsers when issuing a preflight request, to let the server know which http
headers the client might send when the actual request is made.
...
header type request
header forbidden
header name yes syntax access-control-request-
headers: <
header-name>, <
header-name>, ...
... directives <
header-name> a comma-delimited list of http
headers that are included in the request.
... examples access-control-request-
headers: x-pingother, content-type specifications specification status comment fetchthe definition of 'access-control-request-
headers' in that specification.
nsIMimeHeaders
nsimime
headers mailnews/mime/public/nsimime
headers.idlscriptable ???
...as a service: var mime
headers = components.classes["@mozilla.org/????????????????????????????"] .createinstance(components.interfaces.nsimime
headers); method overview string extract
header([const] in string
headername, in boolean getallofthem); void initialize([const] in string all
headers, in long all
headerssize); attributes attribute type description all
headers string read only.
... methods extract
header() string extract
header( [const] in string
headername, in boolean getallofthem ); parameters
headername missing description getallofthem missing description return value missing description exceptions thrown missing exception missing description initialize() void initialize( [const] in string all
headers, in long all
headerssize ); parameters all
headers insert the complete message content all
headerssize length of the passed in content exceptions thrown missing exception missing description remarks see also ...
Headers.entries() - Web APIs
the
headers.entries() method returns an iterator allowing to go through all key/value pairs contained in this object.
... syntax
headers.entries(); return value returns an iterator.
... example // create a test
headers object var my
headers = new
headers(); my
headers.append('content-type', 'text/xml'); my
headers.append('vary', 'accept-language'); // display the key/value pairs for (var pair of my
headers.entries()) { console.log(pair[0]+ ': '+ pair[1]); } the result is: content-type: text/xml vary: accept-language ...
Headers.keys() - Web APIs
the
headers.keys() method returns an iterator allowing to go through all keys contained in this object.
... syntax
headers.keys(); return value returns an iterator.
... example // create a test
headers object var my
headers = new
headers(); my
headers.append('content-type', 'text/xml'); my
headers.append('vary', 'accept-language'); // display the keys for(var key of my
headers.keys()) { console.log(key); } the result is: content-type vary ...
Headers.values() - Web APIs
the
headers.values() method returns an iterator allowing to go through all values contained in this object.
... syntax
headers.values(); return value returns an iterator.
... example // create a test
headers object var my
headers = new
headers(); my
headers.append('content-type', 'text/xml'); my
headers.append('vary', 'accept-language'); // display the values for (var value of my
headers.values()) { console.log(value); } the result is: text/xml accept-language ...
Reason: expected ‘true’ in CORS header ‘Access-Control-Allow-Credentials’ - HTTP
reason reason: expected ‘true’ in cors
header ‘access-control-allow-credentials’ what went wrong?
... the cors request requires that the server permit the use of credentials, but the server's access-control-allow-credentials
header's value isn't set to true to enable their use.
... to eliminate this error by changing the server's configuration, adjust the server's configuration to set the access-control-allow-credentials
header's value to true.
Reason: Multiple CORS header 'Access-Control-Allow-Origin' not allowed - HTTP
reason reason: multiple cors
header ‘access-control-allow-origin’ not allowed what went wrong?
... more than one access-control-allow-origin
header was sent by the server.
... if you have access to the server you can change your implementation to echo back an origin in the access-control-allow-origin
header.
Reason: CORS header ‘Origin’ cannot be added - HTTP
reason reason: cors
header ‘origin’ cannot be added what went wrong?
... the user agent was unable to add the required origin
header to the http request.
... all cors requests must have an origin
header.
Standard Makefile Header - Archive of obsolete content
each mozilla makefile uses a standard
header.
... this
header sets variables which tell the makefile where it is and where the source directory is, and then include autoconf.mk, to pick up makefile variables which are set during configuration.
hideheader - Archive of obsolete content
« xul reference home hide
header type: boolean set this to true to indicate that the tree column
header should be displayed without any column
header styling.
... if you don't set a label for that column either, the
header is not displayed at all.
dialogheader - Archive of obsolete content
the
header may have a title and a description.
... attributes crop, description, title examples <?xml version="1.0"?> <?xml-stylesheet href="chrome://global/skin/global.css" type="text/css"?> <dialog id="donothing" title="dialog example" xmlns="http://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul"> <dialog
header title="my dialog" description="example dialog"/> <!-- other widgets --> </dialog> attributes crop type: one of the values below if the label of the element is too big to fit in its given space, the text will be cropped on the side specified by the crop attribute.
listheader - Archive of obsolete content
« xul reference home [ examples | attributes | properties | methods | related ] a
header for a single column in a listbox.
... attributes disabled properties acesssibletype examples <listbox> <listhead> <list
header label="name"/> <list
header label="occupation"/> </listhead> <listitem> <listcell label="george"/> <listcell label="house painter"/> </listitem> <listitem> <listcell label="mary ellen"/> <listcell label="candle maker"/> </listitem> <listitem> <listcell label="roger"/> <listcell label="swashbuckler"/> </listitem> </listbox> attributes disabled type: boolean indicates whether the element is disabled or not.
CORS-safelisted response header - MDN Web Docs Glossary: Definitions of Web-related terms
a cors-safelisted response
header is an http
header which has been safelisted so that it will not be filtered when responses are processed by cors, since they're considered safe (as the
headers listed in access-control-expose-
headers).
... by default, the safelist includes the following response
headers: cache-control content-language content-type expires last-modified pragma examples extending the safelist you can extend the list of cors-safelisted response
headers by using the access-control-expose-
headers
header: access-control-expose-
headers: x-custom-
header, content-length ...
ROLE_COLUMNHEADER
« gecko roles page represents a column
header, providing a visual label for a column in a table.
...interfaces nsiaccessnode nsiaccessible mapped to at-spi: role_table atk: atk_role_column_
header ua: nsaccessibilitygrouprole msaa/ia2: role_system_column
header used by aria: col
header xul: <list
header/> html: <th> ...
HTTP Index - HTTP
on top of these basic concepts, numerous extensions have appeared over the years, adding new functionality and new semantics by creating new http methods or
headers.
... 9 mime types (iana media types) content-type, guide, http, mime types, meta, request
header, response
header, application/javascript, application/json, application/xml a media type (also known as a multipurpose internet mail extensions or mime type) is a standard that indicates the nature and format of a document, file, or assortment of bytes.
... 18 list of default accept values accept, content negotiation, http, reference this article documents the default values for the http accept
header for specific inputs and browser versions.
...And 186 more matches
Index - HTTP
found 122 pages: # page tags and summary 1 http
headers http, http
header, networking, overview, reference http
headers allow the client and the server to pass additional information with the request or the response.
... an http
header consists of its case-insensitive name followed by a colon ':', then by its value (without line breaks).
... 2 accept http, http
header, reference, request
header the accept request http
header advertises which content types, expressed as mime types, the client is able to understand.
...And 121 more matches
nsIHttpChannel
netwerk/protocol/http/nsihttpchannel.idlscriptable this interface allows for the modification of http request parameters and the inspection of the resulting http response status and
headers when they become available.
... inherits from: nsichannel last changed in gecko 1.3 to create an http channel, use nsiioservice with a http uri, for example: var ios = components.classes["@mozilla.org/network/io-service;1"] .getservice(components.interfaces.nsiioservice); var ch = ios.newchannel("https://www.example.com/", null, null); method overview void getoriginalresponse
header(in acstring a
header, in nsihttp
headervisitor avisitor); acstring getrequest
header(in acstring a
header); acstring getresponse
header(in acstring
header); boolean isnocacheresponse(); boolean isnostoreresponse(); void redirectto(in nsiuri anewuri); void setemptyrequest
header(in acstring a
header); void setreferrerwithpolicy(in nsiuri referrer, in un...
...signed long referrerpolicy); void setrequest
header(in acstring a
header, in acstring avalue, in boolean amerge); void setresponse
header(in acstring
header, in acstring value, in boolean merge); void visitoriginalresponse
headers(in nsihttp
headervisitor avisitor); void visitrequest
headers(in nsihttp
headervisitor avisitor); void visitresponse
headers(in nsihttp
headervisitor avisitor); constants constant description referrer_policy_no_referrer_when_downgrade default; indicates not to pass on the referrer when downgrading from https to http referrer_policy_no_referrer indicates no referrer will be sent referrer_policy_origin only send the origin of the referring uri referrer_policy_origin_whe...
...And 57 more matches
Cross-Origin Resource Sharing (CORS) - HTTP
cross-origin resource sharing (cors) is a mechanism that uses additional http
headers to tell browsers to give a web application running at one origin, access to selected resources from a different origin.
...this means that a web application using those apis can only request resources from the same origin the application was loaded from unless the response from other origins includes the right cors
headers.
...modern browsers handle the client side of cross-origin sharing, including
headers and policy enforcement.
...And 52 more matches
Enc Dec MAC Using Key Wrap CertReq PKCS10 CSR
*/ /* nspr
headers */ #include <prthread.h> #include <plgetopt.h> #include <prerror.h> #include <prinit.h> #include <prlog.h> #include <prtypes.h> #include <plstr.h> /* nss
headers */ #include <keyhi.h> #include <pk11priv.h> /* our samples utilities */ #include "util.h" /* constants */ #define blocksize 32 #define modblocksize 128 #define default_key_bits 1024 /*
header f...
...ile constants */ #define enckey_
header "-----begin wrapped enckey-----" #define enckey_trailer "-----end wrapped enckey-----" #define mackey_
header "-----begin wrapped mackey-----" #define mackey_trailer "-----end wrapped mackey-----" #define iv_
header "-----begin iv-----" #define iv_trailer "-----end iv-----" #define mac_
header "-----begin mac-----" #define mac_trailer "-----end mac-----" #define pad_
header "-----begin pad-----" #define pad_trailer "-----end pad-----" #define lab_
header "-----begin key label-----" #define lab_trailer "-----end key label-----" #define pubkey_
header "-----begin pub key -----" #define pubkey_trailer "-----end pub key ----...
...-" #define ns_certreq_
header "-----begin new certificate request-----" #define ns_certreq_trailer "-----end new certificate request-----" #define ns_cert_enc_
header "-----begin certificate for encryption-----" #define ns_cert_enc_trailer "-----end certificate for encryption-----" #define ns_cert_vfy_
header "-----begin certificate for signature verification-----" #define ns_cert_vfy_trailer "-----end certificate for signature verification-----" #define ns_sig_
header "-----begin signature-----" #define ns_sig_trailer "-----end signature-----" #define ns_cert_
header "-----begin certificate-----" #define ns_cert_trailer "-----end certificate-----" /* sample 6 commands */ typedef enum { generate_csr, add_cert_to_db, save_cert_to_...
...And 48 more matches
sample2
*/ /* nspr
headers */ #include <prthread.h> #include <plgetopt.h> #include <prerror.h> #include <prinit.h> #include <prlog.h> #include <prtypes.h> #include <plstr.h> /* nss
headers */ #include <cryptohi.h> #include <keyhi.h> #include <pk11priv.h> #include <cert.h> #include <base64.h> #include <secerr.h> #include <secport.h> #include <secoid.h> #include <secmodt.h> #include <secoidt.h> #include <sechash.h> /* our samples utilities */ #include "util.h" /* constants */ #define blocksize 32 #define modblocksize 128 #define default_key_bits 1024 /*
header file constants */ #define enckey_he...
...ader "-----begin wrapped enckey-----" #define enckey_trailer "-----end wrapped enckey-----" #define mackey_
header "-----begin wrapped mackey-----" #define mackey_trailer "-----end wrapped mackey-----" #define iv_
header "-----begin iv-----" #define iv_trailer "-----end iv-----" #define mac_
header "-----begin mac-----" #define mac_trailer "-----end mac-----" #define pad_
header "-----begin pad-----" #define pad_trailer "-----end pad-----" #define lab_
header "-----begin key label-----" #define lab_trailer "-----end key label-----" #define pubkey_
header "-----begin pub key -----" #define pubkey_trailer "-----end pub key -----" #define ns_certreq_
header "-----begin new certificate request-----" #define ns_certreq_trailer "-----end new certificate request-----" #define ns_cert_enc_
header "-----begin ce...
...rtificate for encryption-----" #define ns_cert_enc_trailer "-----end certificate for encryption-----" #define ns_cert_vfy_
header "-----begin certificate for signature verification-----" #define ns_cert_vfy_trailer "-----end certificate for signature verification-----" #define ns_sig_
header "-----begin signature-----" #define ns_sig_trailer "-----end signature-----" #define ns_cert_
header "-----begin certificate-----" #define ns_cert_trailer "-----end certificate-----" /* missing publically from nss versions earlier than 3.13 */ #ifndef sec_error_base #define sec_error_base (-0x2000) typedef enum { sec_error_io = sec_error_base + 0, sec_error_token_not_logged_in = (sec_error_base + 155), sec_error_end_of_list } secerrorcodes; #endif /* port_errortostring introduced in nss 3.13.
...And 42 more matches
WebRequest.jsm
usage to import webrequest, use code like: let {webrequest} = cu.import("resource://gre/modules/webrequest.jsm", {}); the webrequest object has the following properties, each of which corresponds to a specific stage in executing a web request: onbeforerequest onbeforesend
headers onsend
headers on
headersreceived onresponsestarted oncompleted each of these objects defines two functions: addlistener(callback, filter, opt_extrainfospec) removelistener(callback) adding listeners use addlistener to add a listener to a particular event.
... there are four things you can do with a request: cancel it redirect it modify request
headers modify response
headers.
... redirect onbeforesend
headers redirecturl string set to the url to redirect the request to.
...And 39 more matches
Index - Web APIs
this may come from http
headers or other sources of mime information, and might be affected by automatic type conversions performed by either the browser or extensions.
... 1300 fetch basic concepts api, fetch, fetch api, xmlhttprequest, concepts, guard, request at the heart of fetch are the interface abstractions of http requests, responses,
headers, and body payloads, along with a global fetch method for initiating asynchronous resource requests.
... 1907 htmltablecellelement api, cells, html dom, htmltablecellelement, interface, reference, table cells, tables the htmltablecellelement interface provides special properties and methods (beyond the regular htmlelement interface it also has available to it by inheritance) for manipulating the layout and presentation of table cells, either
header or data cells, in an html document.
...And 34 more matches
Encrypt Decrypt_MAC_Using Token
*/ /* nspr
headers */ #include #include #include #include #include #include #include /* nss
headers */ #include #include /* our samples utilities */ #include "util.h" #define buffersize 80 #define digestsize 16 #define ptext_mac_buffer_size 96 #define ciphersize 96 #define blocksize 32 #define cipher_
header "-----begin cipher-----" #define cipher_trailer "-----end cipher-----" #define enckey_
header ...
... "-----begin aeskey ckaid-----" #define enckey_trailer "-----end aeskey ckaid-----" #define mackey_
header "-----begin mackey ckaid-----" #define mackey_trailer "-----end mackey ckaid-----" #define iv_
header "-----begin iv-----" #define iv_trailer "-----end iv-----" #define mac_
header "-----begin mac-----" #define mac_trailer "-----end mac-----" #define pad_
header "-----begin pad-----" #define pad_trailer "-----end pad-----" typedef enum { encrypt, decrypt, unknown } commandtype; typedef enum { symkey = 0, mackey = 1, iv = 2, mac = 3, pad = 4 }
headertype; /* * print usage message and exit.
..."); fprintf(stderr, "%-20s specify noise file name [optional]\n\n", "-z "); fprintf(stderr, "%-21s specify an input file name\n\n", "-i "); fprintf(stderr, "%-21s specify an output file name\n\n", "-o "); fprintf(stderr, "%-7s for encrypt, it takes as an input file and produces\n", "note :"); fprintf(stderr, "%-7s .enc and .
header as intermediate output files.\n\n", ""); fprintf(stderr, "%-7s for decrypt, it takes .enc and .
header\n", ""); fprintf(stderr, "%-7s as input files and produces as a final output file.\n\n", ""); exit(-1); } /* * gather a cka_id.
...And 32 more matches
Enc Dec MAC Output Public Key as CSR
*/ /* nspr
headers */ #include #include #include #include #include #include #include /* nss
headers */ #include #include #include #include #include #include #include #include #include #include #include #include /* our samples utilities */ #include "util.h" #define buffersize 80 #define digestsize 16 #define ptext_mac_buffer_size 96 #define ciphersize 96 #define blocksize 32 #define...
... default_key_bits 1024 #define cipher_
header "-----begin cipher-----" #define cipher_trailer "-----end cipher-----" #define enckey_
header "-----begin wrapped enckey-----" #define enckey_trailer "-----end wrapped enckey-----" #define mackey_
header "-----begin wrapped mackey-----" #define mackey_trailer "-----end wrapped mackey-----" #define iv_
header "-----begin iv-----" #define iv_trailer "-----end iv-----" #define mac_
header "-----begin mac-----" #define mac_trailer "-----end mac-----" #define pad_
header "-----begin pad-----" #define pad_trailer "-----end pad-----" #define lab_
header "-----begin key label-----" #define lab_trailer "-----end key label-----" #d...
...efine pubkey_
header "-----begin pub key -----" #define pubkey_trailer "-----end pub key -----" #define ns_certreq_
header "-----begin new certificate request-----" #define ns_certreq_trailer "-----end new certificate request-----" typedef enum { gen_csr, encrypt, decrypt, unknown } commandtype; typedef enum { symkey = 0, mackey = 1, iv = 2, mac = 3, pad = 4, pubkey = 5, lab = 6 }
headertype; /* this is conditionalized because port_errortostring was introduced with nss 3.13.
...And 31 more matches
Content negotiation - HTTP
the determination of the best suited representation is made through one of two mechanisms: specific http
headers by the client (server-driven negotiation or proactive negotiation), which is the standard way of negotiating a specific kind of resource.
... over the years, other content negotiation proposals, like transparent content negotiation and the alternates
header, have been proposed.
... server-driven content negotiation in server-driven content negotiation, or proactive content negotiation, the browser (or any other kind of user-agent) sends several http
headers along with the url.
...And 31 more matches
Index - MDN Web Docs Glossary: Definitions of Web-related terms
40 breadcrumb accessibility, glossary, navigation, search, site map, breadcrumb a breadcrumb, or breadcrumb trail, is a navigational aid that is typically placed between a site's
header and the main content, displaying either a hierarchy of the current page in relation to the the site's structure, from top level to current page, or a list of the links the user followed to get to the current page, in the order visited.
... 48 cors glossary, infrastructure, security cors (cross-origin resource sharing) is a system, consisting of transmitting http
headers, that determines whether browsers block frontend javascript code from accessing responses for cross-origin requests.
... 49 cors-safelisted request
header cors, fetch a cors-safelisted request
header is one of the following http
headers: 50 cors-safelisted response
header cors, fetch, glossary, http a cors-safelisted response
header is an http
header which has been safelisted so that it will not be filtered when responses are processed by cors, since they're considered safe (as the
headers listed in access-control-expose-
headers).
...And 29 more matches
NSS Sample Code Sample_3_Basic Encryption and MACing
sample code 3 /* nspr
headers */ #include <prthread.h> #include <plgetopt.h> #include <prerror.h> #include <prinit.h> #include <prlog.h> #include <prtypes.h> #include <plstr.h> /* nss
headers */ #include <keyhi.h> #include <pk11priv.h> /* our samples utilities */ #include "util.h" #define buffersize 80 #define digestsize 16 #define ptext_mac_buffer_size 96 #define ciphersize 96 #define blocksize 32 #define cipher_
header "-----begin cipher-----" #define cipher_trailer "-----end cipher-----" #define enckey_
header "-----begin aeskey ckaid-----" #define enckey_trailer "-----end aeskey ckaid-----" #de...
...fine mackey_
header "-----begin mackey ckaid-----" #define mackey_trailer "-----end mackey ckaid-----" #define iv_
header "-----begin iv-----" #define iv_trailer "-----end iv-----" #define mac_
header "-----begin mac-----" #define mac_trailer "-----end mac-----" #define pad_
header "-----begin pad-----" #define pad_trailer "-----end pad-----" typedef enum { encrypt, decrypt, unknown } commandtype; typedef enum { symkey = 0, mackey = 1, iv = 2, mac = 3, pad = 4 }
headertype; /* print a usage message and exit */ static void usage(const char *progname) { fprintf(stderr, "\nusage: %s -c <a|b> -d <dbdirpath> [-z <noisefilename>] " "[-p <dbpwd> | -f <dbpwdfile>] -i <ipf...
... "-z <noisefilename>"); fprintf(stderr, "%-21s specify an input file name\n\n", "-i <ipfilename>"); fprintf(stderr, "%-21s specify an output file name\n\n", "-o <opfilename>"); fprintf(stderr, "%-7s for encrypt, it takes <ipfilename> as an input file and produces\n", "note :"); fprintf(stderr, "%-7s <ipfilename>.enc and <ipfilename>.
header as intermediate output files.\n\n", ""); fprintf(stderr, "%-7s for decrypt, it takes <ipfilename>.enc and <ipfilename>.
header\n", ""); fprintf(stderr, "%-7s as input files and produces <opfilename> as a final output file.\n\n", ""); exit(-1); } /* this source code form is subject to the terms of the mozilla public * license, v.
...And 28 more matches
Encrypt Decrypt MAC Keys As Session Objects
*/ /* nspr
headers */ #include #include #include #include #include #include #include /* nss
headers */ #include #include /* our samples utilities */ #include "util.h" #define buffersize 80 #define digestsize 16 #define ptext_mac_buffer_size 96 #define ciphersize 96 #define blocksize 32 #define cipher_
header "-----begin cipher-----" #define cipher_trailer "-----end cipher-----" #define enckey_
header ...
... "-----begin aeskey ckaid-----" #define enckey_trailer "-----end aeskey ckaid-----" #define mackey_
header "-----begin mackey ckaid-----" #define mackey_trailer "-----end mackey ckaid-----" #define iv_
header "-----begin iv-----" #define iv_trailer "-----end iv-----" #define mac_
header "-----begin mac-----" #define mac_trailer "-----end mac-----" #define pad_
header "-----begin pad-----" #define pad_trailer "-----end pad-----" typedef enum { encrypt, decrypt, unknown } commandtype; typedef enum { symkey = 0, mackey = 1, iv = 2, mac = 3, pad = 4 }
headertype; /* * print usage message and exit */ static void usage(const char *progname) { fprintf(stderr, "\nusage: ...
..."); fprintf(stderr, "%-20s specify noise file name [optional]\n\n", "-z "); fprintf(stderr, "%-21s specify an input file name\n\n", "-i "); fprintf(stderr, "%-21s specify an output file name\n\n", "-o "); fprintf(stderr, "%-7s for encrypt, it takes as an input file and produces\n", "note :"); fprintf(stderr, "%-7s .enc and .
header as intermediate output files.\n\n", ""); fprintf(stderr, "%-7s for decrypt, it takes .enc and .
header\n", ""); fprintf(stderr, "%-7s as input files and produces as a final output file.\n\n", ""); exit(-1); } /* * gather a cka_id */ secstatus gathercka_id(pk11symkey* key, secitem* buf) { secstatus rv = pk11_readrawattribute(pk11_typesymkey...
...And 27 more matches
Encrypt and decrypt MAC using token
*/ /* nspr
headers */ #include #include #include #include #include #include #include /* nss
headers */ #include #include /* our samples utilities */ #include "util.h" #define buffersize 80 #define digestsize 16 #define ptext_mac_buffer_size 96 #define ciphersize 96 #define blocksize 32 #define cipher_
header "-----begin cipher-----" #define cipher_trailer "-----end cipher-----" #define enckey_
header ...
... "-----begin aeskey ckaid-----" #define enckey_trailer "-----end aeskey ckaid-----" #define mackey_
header "-----begin mackey ckaid-----" #define mackey_trailer "-----end mackey ckaid-----" #define iv_
header "-----begin iv-----" #define iv_trailer "-----end iv-----" #define mac_
header "-----begin mac-----" #define mac_trailer "-----end mac-----" #define pad_
header "-----begin pad-----" #define pad_trailer "-----end pad-----" typedef enum { encrypt, decrypt, unknown } commandtype; typedef enum { symkey = 0, mackey = 1, iv = 2, mac = 3, pad = 4 }
headertype; /* * print usage message and exit */ static void usage(const char *progname) { fprintf(stderr, "\nusage...
..."); fprintf(stderr, "%-20s specify noise file name [optional]\n\n", "-z "); fprintf(stderr, "%-21s specify an input file name\n\n", "-i "); fprintf(stderr, "%-21s specify an output file name\n\n", "-o "); fprintf(stderr, "%-7s for encrypt, it takes as an input file and produces\n", "note :"); fprintf(stderr, "%-7s .enc and .
header as intermediate output files.\n\n", ""); fprintf(stderr, "%-7s for decrypt, it takes .enc and .
header\n", ""); fprintf(stderr, "%-7s as input files and produces as a final output file.\n\n", ""); exit(-1); } /* * gather a cka_id */ secstatus gathercka_id(pk11symkey* key, secitem* buf) { secstatus rv = pk11_readrawattribute(pk11_typesymkey...
...And 27 more matches
EncDecMAC using token object - sample 3
*/ /* nspr
headers */ #include #include #include #include #include #include #include /* nss
headers */ #include #include /* our samples utilities */ #include "util.h" #define buffersize 80 #define digestsize 16 #define ptext_mac_buffer_size 96 #define ciphersize 96 #define blocksize 32 #define cipher_
header "-----begin cipher-----" #define cipher_trailer "-----end cipher-----" #define enckey_
header "-----begin aes...
...key ckaid-----" #define enckey_trailer "-----end aeskey ckaid-----" #define mackey_
header "-----begin mackey ckaid-----" #define mackey_trailer "-----end mackey ckaid-----" #define iv_
header "-----begin iv-----" #define iv_trailer "-----end iv-----" #define mac_
header "-----begin mac-----" #define mac_trailer "-----end mac-----" #define pad_
header "-----begin pad-----" #define pad_trailer "-----end pad-----" typedef enum { encrypt, decrypt, unknown } commandtype; typedef enum { symkey = 0, mackey = 1, iv = 2, mac = 3, pad = 4 }
headertype; /* * print usage message and exit */ static void usage(const char *progname) { fprintf(stderr, "\nusage: %s -c -d [-z ] " "[-p | -f ] -i -o \n\n", progname); fprintf(stderr, "%-20s specify 'a' for encrypt operation\n\n", "-c "); fprintf(stderr, "%-20s specify ...
... "); fprintf(stderr, "%-20s specify db password file [optional]\n\n", "-f "); fprintf(stderr, "%-20s specify noise file name [optional]\n\n", "-z "); fprintf(stderr, "%-21s specify an input file name\n\n", "-i "); fprintf(stderr, "%-21s specify an output file name\n\n", "-o "); fprintf(stderr, "%-7s for encrypt, it takes as an input file and produces\n", "note :"); fprintf(stderr, "%-7s .enc and .
header as intermediate output files.\n\n", ""); fprintf(stderr, "%-7s for decrypt, it takes .enc and .
header\n", ""); fprintf(stderr, "%-7s as input files and produces as a final output file.\n\n", ""); exit(-1); } /* * gather a cka_id */ secstatus gathercka_id(pk11symkey* key, secitem* buf) { secstatus rv = pk11_readrawattribute(pk11_typesymkey, key, cka_id, buf); if (rv != secsuccess) { pr_fprintf(pr_...
...And 24 more matches
HTML table advanced features and accessibility - Learn web development
one clear way to do this is by using <thead>, <tfoot>, and <tbody>, which allow you to mark up a
header, footer, and body section for the table.
...to give you some interesting examples, in the case of a long table you could make the table
header and footer repeat on every printed page, and you could make the table body display on a single page and have the contents available by scrolling up and down.
... to use them: the <thead> element must wrap the part of the table that is the
header — this is usually the first row containing the column headings, but this is not necessarily always the case.
...And 22 more matches
nsIMsgDBHdr
the nsimsgdbhdr interface describes
headers for mail messages.
...for instance, msghdrforcurrentmessage() will return the currently selected message's
header.
...
headers are backed by the database: a call to these functions directly modifies the state of the database, although it is not saved until the database is committed.
...And 19 more matches
Network request details - Firefox Developer Tools
the tabs at the top of this pane enable you to switch between the following pages:
headers messages (only for websocket items) cookies params response cache timings security (only for secure pages) stack trace (only when the request has a stack trace, e.g.
...
headers tab the
headers tab has a toolbar, followed by three main sections.
... referrer policy: the value of the referrer-policy
header.
...And 19 more matches
HTTP Messages - HTTP
an optional set of http
headers specifying the request, or describing the body included in the message.
...the presence of the body and its size is specified by the start-line and http
headers.
... the start-line and http
headers of the http message are collectively known as the head of the requests, whereas its payload is known as the body.
...And 19 more matches
Protocol upgrade mechanism - HTTP
the http/1.1 protocol provides a special mechanism that can be used to upgrade an already established connection to a different protocol, using the upgrade
header field.
... upgrading http/1.1 connections the upgrade
header field is used by clients to invite the server to switch to one of the listed protocols, in descending preference order.
... because upgrade is a hop-by-hop
header, it also needs to be listed in the connection
header field.
...And 19 more matches
Using Fetch - Web APIs
set-cookie
headers from other sites are silently ignored.
... mode: 'cors', // no-cors, *cors, same-origin cache: 'no-cache', // *default, no-cache, reload, force-cache, only-if-cached credentials: 'same-origin', // include, *same-origin, omit
headers: { 'content-type': 'application/json' // 'content-type': 'application/x-www-form-urlencoded', }, redirect: 'follow', // manual, *follow, error referrerpolicy: 'no-referrer', // no-referrer, *no-referrer-when-downgrade, origin, origin-when-cross-origin, same-origin, strict-origin, strict-origin-when-cross-origin, unsafe-url body: json.stringify(data) // body data type ...
...must match "content-type"
header }); return response.json(); // parses json response into native javascript objects } postdata('https://example.com/answer', { answer: 42 }) .then(data => { console.log(data); // json data parsed by `data.json()` call }); note that mode: "no-cors" only allows a limited set of
headers in the request: accept accept-language content-language content-type with a value of application/x-www-form-urlencoded, multipart/form-data, or text/plain sending a request with credentials included to cause browsers to send a request with credentials included, even for a cross-origin call, add credentials: 'include' to the init object you pass to the fetch() method.
...And 18 more matches
HTTP caching - HTTP
for more details see the information about the vary
header below.
... controlling caching the cache-control
header the cache-control http/1.1 general-
header field is used to specify directives for caching mechanisms in both requests and responses.
... use this
header to define your caching policies with the variety of directives it provides.
...And 18 more matches
HTTP conditional requests - HTTP
principles http conditional requests are requests that are executed differently, depending on the value of specific
headers.
... these
headers define a precondition, and the result of the request will be different if the precondition is matched or not.
... the different behaviors are defined by the method of the request used, and by the set of
headers used for a precondition: for safe methods, like get, which usually tries to fetch a document, the conditional request can be used to send back the document, if relevant only.
...And 16 more matches
Large-Allocation - HTTP
the non-standard large-allocation response
header tells the browser that the page being loaded is going to want to perform a large allocation.
...the large-allocation tells the browser that the web content in the to-be-loaded page is going to want to perform a large contiguous memory allocation and the browser can react to this
header by starting a dedicated process for the to-be-loaded document, for example.
...
header type response
header forbidden
header name no syntax large-allocation: 0 large-allocation: <megabytes> directives 0 0 is a special value which represents uncertainty as to what the size of the allocation is.
...And 15 more matches
Writing WebSocket servers - Web APIs
the client will send a pretty standard http request with
headers that looks like this (the http version must be 1.1 or greater, and the method must be get): get /chat http/1.1 host: example.com:8000 upgrade: websocket connection: upgrade sec-websocket-key: dghlihnhbxbszsbub25jzq== sec-websocket-version: 13 the client can solicit extensions and/or subprotocols here; see miscellaneous for details.
... also, common
headers like user-agent, referer, cookie, or authentication
headers might be there as well.
... tip: all browsers send an origin
header.
...And 14 more matches
HTTP response status codes - HTTP
101 switching protocol this code is sent in response to an upgrade request
header from the client, and indicates the protocol the server is switching to.
... 103 early hints this status code is primarily intended to be used with the link
header, letting the user agent start preloading resources while the server prepares a response.
... head: the entity
headers are in the message body.
...And 14 more matches
Eclipse CDT
express setup for the eclipse indexer to work well you must first build mozilla, so that it includes
headers from the objdir etc.
... to quickly switch between a source file and its
header file, use ctrl-tab.
...
headers are only parsed once for performance reasons, eclipse only processes
header files that have include guards once, using the compiler options for the first source file it encounters that includes that
header (eclipse bug 380511).
...And 13 more matches
<tr>: The Table Row element - HTML: Hypertext Markup Language
the row's cells can then be established using a mix of <td> (data cell) and <th> (
header cell) elements.
... there are just four rows (including one
header row), each with four columns (including one
header column).
...that way, both
header and data cells are easily demarcated.
...And 12 more matches
HTML table basics - Learn web development
information is easily interpreted by making visual associations between row and column
headers.
...you can find the answer by associating the relevant row and column
headers.
...one row to contain the
header, one row to contain the content columns, one row to contain the footer, etc.
...And 11 more matches
ARIA: row role - Accessibility
a row contains one or more cells, grid cells or column
headers, and possibly a row
header, within a grid, table or treegrid, and optionally within a rowgroup.
... <div role="table" aria-label="populations" aria-describedby="country_population_desc"> <div id="country_population_desc">world populations by country</div> <div role="rowgroup"> <div role="row"> <span role="column
header" aria-sort="descending">country</span> <span role="column
header"aria-sort="none">population</span> </div> </div> <div role="rowgroup"> <div role="row"> <span role="cell">finland</span> <span role="cell">5.5 million</span> </div> <div role="row"> <span role="cell">france</span> <span role="cell">67 million</span> </div> </div> </div> description the element role="row" is a row within a grid, table or treegrid, and optionally within a rowgroup, that is a container for one or mor...
...e cells, gridcells, column
headers, or row
headers within a static tabular structure.
...And 11 more matches
Using HTML sections and outlines - Developer guides
html
header element (<
header>) defines a page area that typically contains a logo, title, and navigation.
... the
header can also be used inside other semantic elements such as <article> or <section>.
... a section
header might contain the section's heading, author name, etc.
...And 11 more matches
HTTP Public Key Pinning (HPKP) - HTTP
note: public key pinning mechanism was deprecated in favor of certificate transparency and expect-ct
header.
...the first time a web server tells a client via a special http
header which public keys belong to it, the client stores this information for a given period of time.
... enabling hpkp to enable this feature for your site, you need to return the public-key-pins http
header when your site is accessed over https: public-key-pins: pin-sha256="base64=="; max-age=expiretime [; includesubdomains][; report-uri="reporturi"] pin-sha256 the quoted string is the base64 encoded subject public key information (spki) fingerprint.
...And 11 more matches
Index - Archive of obsolete content
the contents of this standalone xpcom in general are: 638 standard makefile
header no summary!
... 887 hide
header xul attributes, xul reference no summary!
... 1630
header xul reference, xul_style_classes no summary!
...And 10 more matches
Getting started with React - Learn web development
suppose we wanted to wrap our heading in a <
header> tag, for semantic reasons?
... the jsx approach allows us to nest our elements within each other, just like we do with html: const
header = ( <
header> <h1>mozilla developer network</h1> </
header> ); note: the parentheses in the previous snippet aren't unique to jsx, and don’t have any effect on your application.
...you could just as well write the
header expression like this: const
header = <
header> <h1>mozilla developer network</h1> </
header> however, this looks kind of awkward, because the <
header> tag that starts the expression is not indented to the same position as its corresponding closing tag.
...And 10 more matches
Adding a new event
you should choose a good
header file from what your event class represents.
... basicevents.h this
header file should be used only for defining generic purpose event class such as a common super class of various event classes.
... contentevents.h this
header file should be used for defining internal event classes which are dispatched in content and do not represent user action.
...And 10 more matches
Index
73 setting http request
headers add-ons, extensions, http, xul, xulrunner http is one of the core technologies behind the web.
... in addition to the actual content, some important information is passed with http
headers for both http requests and responses.
... 106 packaging weblock xpcom in this final part of the tutorial, we'll put all of the pieces of the web locking component - the library itself, the type library, the
header file, and the user interface resources - into a package that can be installed on other systems.
...And 10 more matches
Network request list - Firefox Developer Tools
network request columns you can toggle columns on and off by right-clicking on the table
header and choosing the specific column from the context menu.
... clicking the column
header label sorts the request list by that column.
... scheme:http has-response-
header shows resources that contain the specified http response
header.
...And 10 more matches
HTMLTableCellElement - Web APIs
the htmltablecellelement interface provides special properties and methods (beyond the regular htmlelement interface it also has available to it by inheritance) for manipulating the layout and presentation of table cells, either
header or data cells, in an html document.
... htmltablecellelement.abbr a domstring which can be used on <th> elements (not on <td>), specifying an alternative label for the
header cell..
... this alternate label can be used in other contexts, such as when describing the
headers that apply to a data cell.
...And 10 more matches
ARIA: cell role - Accessibility
the cell value of the aria role attribute identifies an element as being a cell in a tabular container that does not contain column or row
header information.
...if a cell contains column or row
header information, use the col
header or row
header roles, respecitively.
... if the cell does not contain
header information and is nested in a grid or treegrid, the role of gridcell may be more appropriate.
...And 10 more matches
Evolution of HTTP - HTTP
<html> a very simple html page </html> unlike subsequent evolutions, there were no http
headers, meaning that only html files could be transmitted, but no other type of documents.
...xtended it to be more versatile: versioning information is now sent within each request (http/1.0 is appended to the get line) a status code line is also sent at the beginning of the response, allowing the browser itself to understand the success or failure of the request and to adapt its behavior in consequence (like in updating or using its local cache in a specific way) the notion of http
headers has been introduced, both for the requests and the responses, allowing metadata to be transmitted and making the protocol extremely flexible and extensible.
... with the help of the new http
headers, the ability to transmit other documents than plain html files has been added (thanks to the content-type
header).
...And 10 more matches
Theme concepts
themes developed using the webextensions api in firefox enable you to change the look of the browser by adding images to the
header area of the firefox browser; this is the area behind the menu bar, toolbars, address bar, search bar, and tab strip.
... add the theme image file to the folder: <mytheme> <your_
header_image>.<type> create a file called manifest.json in the folder and edit its content as follows: { "manifest_version": 2, "version": "1.0", "name": "<your_theme_name>", "theme": { "images": { "theme_frame": "<your_
header_image>.<type>" }, "colors": { "frame": "#ffffff", "tab_background_text": "#000" } } } where: "frame": is the heading are...
... static theme approaches there are two approaches you can take to theming the
header area of firefox: using a single image or using multiple images.
...And 9 more matches
NSS API Guidelines
the public
headers is a list of
header files that contain types, and functions, that are publicly available to higer-level apis.
... library description layer directory public
headers certdb provides all certificate handling functions and types.
...you can even put them in
header files; the
header files are protected from double inclusion.
...And 9 more matches
Realizing common layouts using CSS Grid Layout - CSS: Cascading Style Sheets
a responsive layout with 1 to 3 fluid columns using grid-template-areas many websites are a variation of this type of layout, with content, sidebars, a
header and a footer.
... my mark-up is a container with elements inside for a
header, footer, main content, navigation, sidebar, and a block into which i am intending to place advertising.
...rder-box;} .wrapper { max-width: 1024px; margin: 0 auto; font: 1.2em helvetica, arial, sans-serif; } .wrapper > * { border: 2px solid #f08c00; background-color: #ffec99; border-radius: 5px; padding: 10px; } nav ul { list-style: none; margin: 0; padding: 0; } <div class="wrapper"> <
header class="main-head">the
header</
header> <nav class="main-nav"> <ul> <li><a href="">nav 1</a></li> <li><a href="">nav 2</a></li> <li><a href="">nav 3</a></li> </ul> </nav> <article class="content"> <h1>main article area</h1> <p>in this layout, we display the areas in source order f...
...And 9 more matches
<th> - HTML: Hypertext Markup Language
the html <th> element defines a cell as
header of a group of table cells.
... the exact nature of this group is defined by the scope and
headers attributes.
... permitted content flow content, but with no
header, footer, sectioning content, or heading content descendants.
...And 9 more matches
Content Security Policy (CSP) - HTTP
if the site doesn't offer the csp
header, browsers likewise use the standard same-origin policy.
... to enable csp, you need to configure your web server to return the content-security-policy http
header.
... (sometimes you may see mentions of the x-content-security-policy
header, but that's an older version and you don't need to specify it anymore.) alternatively, the <meta> element can be used to configure a policy, for example: <meta http-equiv="content-security-policy" content="default-src 'self'; img-src https://*; child-src 'none';"> threats mitigating cross site scripting a primary goal of csp is to mitigate and report xss attacks.
...And 9 more matches
Planned changes to shared memory - JavaScript
new http
header bonanza as a baseline requirement, documents will need to be in a secure context.
... for top-level documents, two
headers will need to be set: cross-origin-opener-policy with same-origin as value (protects your origin from attackers) cross-origin-embedder-policy with require-corp as value (protects victims from your origin) with these two
headers set, postmessage() will no longer throw for sharedarraybuffer objects and shared memory across threads is therefore available.
... nested documents and dedicated workers will need to set the cross-origin-embedder-policy
header as well with the same value.
...And 9 more matches
nsIDBChangeListener
ainstigator the caller who changed the
header.
... onhdrdeleted() called when a
header is deleted from the database.
... aparentkey the key of the parent folder for deleted
header.
...And 8 more matches
nsIMsgSearchSession
rm.value; value.str = avalue; searchterm.value = value; searchterm.op = searchsession.booleanor; searchterm.booleanand = false; searchsession.appendterm(searchterm); searchsession.search(null); inherits from: nsisupports method overview void addsearchterm(in nsmsgsearchattribvalue attrib, in nsmsgsearchopvalue op, in nsimsgsearchvalue value, in boolean booleanand, in string arbitrary
header); nsimsgsearchterm createterm(); void appendterm(in nsimsgsearchterm term); void registerlistener(in nsimsgsearchnotify listener); void unregisterlistener(in nsimsgsearchnotify listener); void getnthsearchterm(in long whichterm, in nsmsgsearchattribvalue attrib, in nsmsgsearchopvalue op, in nsimsgsearchvalue value); long countsearchscopes(); ...
... void getnthsearchscope(in long which,out nsmsgsearchscopevalue scopeid, out nsimsgfolder folder); void addscopeterm(in nsmsgsearchscopevalue scope, in nsimsgfolder folder); void adddirectoryscopeterm(in nsmsgsearchscopevalue scope); void clearscopes(); [noscript] boolean scopeusescustom
headers(in nsmsgsearchscopevalue scope, in voidptr selection, in boolean forfilters); boolean isstringattribute(in nsmsgsearchattribvalue attrib); void addallscopes(in nsmsgsearchscopevalue attrib); void search(in nsimsgwindow awindow); void interruptsearch(); void pausesearch(); void resumesearch(); [noscript] nsmsgsearchtype setsearchparam(in nsmsgsearchtype type, in voidptr param); [noscript] voi...
...d addresultelement(in nsmsgresultelement element); boolean matchhdr(in nsimsgdbhdr amsghdr, in nsimsgdatabase adatabase); void addsearchhit(in nsimsgdbhdr
header, in nsimsgfolder folder); attributes attribute type description searchterms nsisupportsarray readonly: numsearchterms unsigned long readonly: runningadapter nsimsgsearchadapter readonly: searchparam voidptr not scriptable and readonly: searchtype nsmsgsearchtype readonly: numresults long readonly: window nsimsgwindow constants name value description booleanor 0 booleanand 1 methods addsearchterm() void addsearchterm(in ...
...And 8 more matches
WebIDL bindings
there are various helper objects and utility methods in dom/bindings that are also all in the mozilla::dom namespace and whose
headers are all exported into mozilla/dom (placed in $objdir/dist/include by the build process).
... the actual type returned from getparentobject must be defined in a
header included from your implementation
header, so that this type's definition is visible to the binding code.
...if the type is not in the
header file one gets by replacing '::' with '/' and appending '.h', then add a corresponding '
headerfile' annotation (or
headerfile annotation to the .webidl file).
...And 8 more matches
Using the CSS Painting API - Web APIs
to programmatically create an image used by a css stylesheet we need to work through a few steps: define a paint worklet using the registerpaint() function register the worklet include the paint() css function to elaborate over these steps, we're going to start by creating a half-highlight background, like on this
header: css paint worklet in an external script file, we employ the registerpaint() function to name our css paint worklet.
... registerpaint('
headerhighlight', class { /* define if alphatransparency is allowed alpha is set to true by default.
... css.paintworklet.addmodule('https://mdn.github.io/houdini-examples/csspaint/intro/01partone/
header-highlight.js'); reference the paint worklet in css once we have a registered paint worklet, we can use it in css.
...And 8 more matches
An overview of HTTP - HTTP
with http/1.1 and the host
header, they may even share the same ip address.
... http is extensible introduced in http/1.0, http
headers make this protocol easy to extend and experiment with.
... new functionality can even be introduced by a simple agreement between a client and a server about a new
header's semantics.
...And 8 more matches
HTTP range requests - HTTP
here the content-length
header is also useful as it indicates the full size of the image to retrieve.
... if sites omit the accept-ranges
header, they likely don't support partial requests.
...accept-ranges: none requesting a specific range from a server if the server supports range requests, you can issue such a request by using the range
header.
...And 8 more matches
Microsummary topics - Archive of obsolete content
firefox includes the x-moz request
header with these requests.
... it sets the value of the
header to the string microsummary.
... thus, to differentiate requests initiated manually by users for the purpose of viewing a web page from those initiated automatically by firefox for the purpose of summarizing that page, check for the presence and value of the x-moz request
header.
...And 7 more matches
Index - Archive of obsolete content
140 hide
header xul attributes, xul reference no summary!
... 899
header xul reference, xul_style_classes no summary!
... 1102 caption xul elements, xul reference a
header for a groupbox.
...And 7 more matches
IAccessibleTable
g column, [out] iunknown accessible ); [propget] hresult caption([out] iunknown accessible ); [propget] hresult childindex([in] long rowindex, [in] long columnindex, [out] long cellindex ); [propget] hresult columndescription([in] long column, [out] bstr description ); [propget] hresult columnextentat([in] long row, [in] long column, [out] long ncolumnsspanned ); [propget] hresult column
header([out] iaccessibletable accessibletable, [out] long startingrowindex ); [propget] hresult columnindex([in] long cellindex, [out] long columnindex ); [propget] hresult iscolumnselected([in] long column, [out] boolean isselected ); [propget] hresult isrowselected([in] long row, [out] boolean isselected ); [propget] hresult isselected([in] long row, [in] long column, [out] boolean isselected ...
...selectedrows([out] long rowcount ); [propget] hresult rowcolumnextentsatindex([in] long index, [out] long row, [out] long column, [out] long rowextents, [out] long columnextents, [out] boolean isselected ); [propget] hresult rowdescription([in] long row, [out] bstr description ); [propget] hresult rowextentat([in] long row, [in] long column, [out] long nrowsspanned ); [propget] hresult row
header([out] iaccessibletable accessibletable, [out] long startingcolumnindex ); [propget] hresult rowindex([in] long cellindex, [out] long rowindex ); hresult selectcolumn([in] long column ); [propget] hresult selectedchildren([in] long maxchildren, [out, size_is(,maxchildren), length_is(, nchildren)] long children, [out] long nchildren ); [propget] hresult selectedcolumns([in] long maxcolumns,...
...column
header() returns the column
headers as an iaccessibletable object.
...And 7 more matches
IAccessibleTableCell
1.0 66 introduced gecko 1.9.2 inherits from: iunknown last changed in gecko 1.9.2 (firefox 3.6 / thunderbird 3.1 / fennec 1.0) method overview [propget] hresult columnextent([out] long ncolumnsspanned ); [propget] hresult column
headercells([out, size_is(, ncolumn
headercells,)] iunknown cellaccessibles, [out] long ncolumn
headercells ); [propget] hresult columnindex([out] long columnindex ); [propget] hresult isselected([out] boolean isselected ); [propget] hresult rowcolumnextents([out] long row, [out] long column, [out] long rowextents, [out] long columnextents, [out] boolean isselected ); [propget] hresult rowextent([out] lo...
...ng nrowsspanned ); [propget] hresult row
headercells([out, size_is(, nrow
headercells,)] iunknown cellaccessibles, [out] long nrow
headercells ); [propget] hresult rowindex([out] long rowindex ); [propget] hresult table([out] iunknown table ); methods columnextent() returns the number of columns occupied by this cell accessible.
...column
headercells() returns the column
headers as an array of cell accessibles.
...And 7 more matches
nsIAccessibleRole
role_table 24 represents a table that contains rows and columns of cells, and optionally, row
headers and column
headers.
...also refer to the following roles: role_column
header, role_row
header, role_column, role_row, role_cell.
... role_column
header 25 represents a column
header, providing a visual label for a column in a table.
...And 7 more matches
nsIMimeConverter
the nsimimeconverter service allows you to convert
headers into and out of mime format.
... method overview string encodemimepartiistr(in string
header, in boolean structured, in string mailcharset, in long fieldnamelen, in long encodedwordsize); string encodemimepartiistr_utf8(in autf8string
header, in boolean structured, in string mailcharset, in long fieldnamelen, in long encodedwordsize); string decodemime
headertocharptr(in string
header, in string default_charset, in boolean override_charset, in boolean eatcontinuations); astring decodemime
header(in string
header, in string default_charset, in boolean override_charset, in boolean eatcontinuations); mimeencoderdata *b64encoderinit(in mimeconverteroutputcallback output_fn, in void *closure); ...
... mimeencoderdata *qpencoderinit(in mimeconverteroutputcallback output_fn, in void *closure); void encoderdestroy(in mimeencoderdata *data, in boolean abort_p); long encoderwrite(in mimeencoderdata *data, in string buffer, in long size); methods encodemimepartiistr() an variant of encodemimepartiistr_utf8() which treats the
header as written in the given charset.
...And 7 more matches
ARIA: banner role - Accessibility
<div role="banner"> <img src="companylogo.svg" alt="my company name" /> <h1>title</h1> <h2>subtitle</h2> </div> by default, the html5 <
header> element has an identical meaning to the banner landmark, unless it is a descendant of <aside>, <article>, <main>, <nav>, or <section>.
... description a banner landmark role converts the container element upon which it is applied into a
header.
... it should be reserved for the site
header content that is common across the site generally at the top of every page.
...And 7 more matches
ARIA: rowgroup role - Accessibility
a rowgroup contains one or more rows of cells, grid cells, column
headers, or row
headers within a grid, table or treegrid.
... <div role="table" aria-label="populations" aria-describedby="country_population_desc"> <div id="country_population_desc">world populations by country</div> <div role="rowgroup"> <div role="row"> <span role="column
header" aria-sort="descending">country</span> <span role="column
header"aria-sort="none">population</span> </div> </div> <div role="rowgroup"> <div role="row"> <span role="cell">finland</span> <span role="cell">5.5 million</span> </div> <div role="row"> <span role="cell">france</span> <span role="cell">67 million</span> </div> </div> </div> description rowgroup establishes a relationship between owned row elements and is a structural equivalent to the thead, tfoot and tbody elements i...
... to create an aria table
header, table footer or table body, add role="rowgroup" to the element.
...And 7 more matches
<img>: The Image Embed element - HTML: Hypertext Markup Language
if the crossorigin attribute is not specified, then a non-cors request is sent (without the origin request
header), and the browser marks the image as tainted and restricts access to its image data, preventing its usage in <canvas> elements.
... if the crossorigin attribute is specified, then a cors request is sent (with the origin request
header); but if the server does not opt into allowing cross-origin access to the image data by the origin site (by not sending any access-control-allow-origin response
header, or by not including the site's origin in any access-control-allow-origin response
header it does send), then the browser marks the image as tainted and restricts access to its image data, preventing its usage in <canvas> elements.
... allowed values: anonymous a cors request is sent with credentials omitted (that is, no cookies, x.509 certificates, or authorization request
header).
...And 7 more matches
<link>: The External Resource Link element - HTML: Hypertext Markup Language
if you encounter problems with the favicon not loading, verify that the content-security-policy
header's img-src directive is not preventing access to it.
...it specifies the type of content being loaded by the <link>, which is necessary for request matching, application of correct content security policy, and setting of correct accept request
header.
...with an origin http
header) is performed, but no credential is sent (i.e.
...And 7 more matches
Using the application cache - HTML: Hypertext Markup Language
http://www.example.com/index.html http://www.example.com/
header.png http://www.example.com/blah/blah a cache manifest file can include three sections (cache, network, and fallback, discussed below).
... in the example above, there is no section
header, so all data lines are assumed to be in the explicit (cache) section, meaning that the browser should cache all the listed resources in the application cache.
...if you change a cached resource (for example, you update the
header.png image with new content), you must also change the content of the manifest file in order to let browsers know that they need to refresh the cache.
...And 7 more matches
Using HTTP cookies - HTTP
creating cookies after receiving an http request, a server can send one or more set-cookie
headers with the response.
... the cookie is usually stored by the browser, and then the cookie is sent with requests made to the same server inside a cookie http
header.
...for details about the
header attributes mentioned below, refer to the set-cookie reference article.
...And 7 more matches
Link prefetching FAQ - HTTP
the browser looks for either an html <link> or an http link:
header with a relation type of either next or prefetch.
... an example using the link tag follows: <link rel="prefetch" href="/images/big.jpeg"> the same prefetching hint using an http link:
header: link: </images/big.jpeg>; rel=prefetch the format for the link:
header is described in rfc 5988 section 5.
...if a prefetched document is partially downloaded, then the partial document will still be stored in the cache provided the server sent an "accept-ranges: bytes" response
header.
...And 7 more matches
treecol - Archive of obsolete content
it displays the column
header and holds the size and other information about the column.
... attributes crop, cycler, dragging, editable, fixed, hidden, hide
header, ignoreincolumnpicker, label, primary, sort, sortactive, sortdirection, src, type, width properties accessibletype style classes treecol-image examples this example shows a checkbox in the first column, requires the style below.
...if false or not specified, the user can adjust the size of the column, typically by dragging the column
header with the mouse.
...And 6 more matches
What do common web layouts contain? - Learn web development
even now with the new focus on mobile web, almost all mainstream webpages are built from these parts:
header visible at the top of every page on the site.
...like the
header, contains less prominent global information like legal notices or contact info.
...here are some examples (1 represents
header, 2 footer; a main content; b1, b2 things on the side): 1-column layout.
...And 6 more matches
Document and website structure - Learn web development
previous overview: introduction to html next in addition to defining individual parts of your page (such as "a paragraph" or "an image"), html also boasts a number of block level elements used to define areas of your website (such as "the
header", "the navigation menu", "the main content column").
... basic sections of a document webpages can and will look pretty different from one another, but they all tend to share similar standard components, unless the page is displaying a fullscreen video or game, is part of some kind of art project, or is just badly structured:
header: usually a big strip across the top with a big heading, logo, and perhaps a tagline.
...like the
header, this content usually remains consistent from one webpage to another — having inconsistent navigation on your website will just lead to confused, frustrated users.
...And 6 more matches
Working with JSON - Learn web development
the latter contains some simple css to style our page, while the former contains some very simple body html: <
header> </
header> <section> </section> plus a <script> element to contain the javascript code we will be writing in this exercise.
... at the moment it only contains two lines, which grab references to the <
header> and <section> elements and store them in variables: const
header = document.queryselector('
header'); const section = document.queryselector('section'); we have made our json data available on our github, at https://mdn.github.io/learning-area/javascript/oojs/json/superheroes.json.
...add the following code below your previous code: request.onload = function() { const superheroes = request.response; populate
header(superheroes); showheroes(superheroes); } here we are storing the response to our request (available in the response property) in a variable called superheroes; this variable now contains the javascript object based on the json!
...And 6 more matches
ARIA: grid role - Accessibility
see aria authoring practices for more details cell elements have the role gridcell, unless they are a row or column
header.
... then the elements are row
header and column
header, respectively.
... examples calendar example html <table role="grid" aria-labelledby="calendar
header" aria-readonly=true> <caption id="calendar
header">september 2018</caption> <thead role="rowgroup"> <tr role="row"> <td></td> <th role="column
header" aria-label="sunday">s</th> <th role="column
header" aria-label="monday">m</th> <th role="column
header" aria-label="tuesday">t</th> <th role="column
header" aria-label="wednesday">w</th> <th role="column
header...
...And 6 more matches
Grid template areas - CSS: Cascading Style Sheets
a
header a footer a sidebar the main content with the grid-area property i can assign each of these areas a name.
... .
header { grid-area: hd; } .footer { grid-area: ft; } .content { grid-area: main; } .sidebar { grid-area: sd; } having defined these names i then create my layout.
...t ft ft ft ft ft ft ft ft"; } * {box-sizing: border-box;} .wrapper { border: 2px solid #f76707; border-radius: 5px; background-color: #fff4e6; max-width: 940px; margin: 0 auto; } .wrapper > div { border: 2px solid #ffa94d; border-radius: 5px; background-color: #ffd8a8; padding: 1em; color: #d9480f; } <div class="wrapper"> <div class="
header">
header</div> <div class="sidebar">sidebar</div> <div class="content">content</div> <div class="footer">footer</div> </div> using this method we do not need to specify anything at all on the individual grid items, everything happens on our grid container.
...And 6 more matches
Using Feature Policy - HTTP
the feature-policy
header is still in an experimental state, and is subject to change at any time.
... specifying your policy feature policy provides two ways to specify policies to control features: the feature-policy http
header.
... the primary difference between the http
header and the allow attribute is that the allow attribute only controls features within an iframe.
...And 6 more matches
Content-Disposition - HTTP
in a regular http response, the content-disposition response
header is a
header indicating if the content is expected to be displayed inline in the browser, that is, as a web page or as part of a web page, or as an attachment, that is downloaded and saved locally.
... in a multipart/form-data body, the http content-disposition general
header is a
header that can be used on the subpart of a multipart body to give information about the field it applies to.
... the subpart is delimited by the boundary defined in the content-type
header.
...And 6 more matches
Content-Security-Policy-Report-Only - HTTP
the http content-security-policy-report-only response
header allows web developers to experiment with policies by monitoring (but not enforcing) their effects.
...
header type response
header forbidden
header name no this
header is not supported inside a <meta> element.
... syntax content-security-policy-report-only: <policy-directive>; <policy-directive> directives the directives of the content-security-policy
header can also be applied to content-security-policy-report-only.
...And 6 more matches
Content-Security-Policy - HTTP
the http content-security-policy response
header allows web site administrators to control resources the user agent is allowed to load for a given page.
...
header type response
header forbidden
header name no syntax content-security-policy: <policy-directive>; <policy-directive> where <policy-directive> consists of: <directive> <value> with no internal punctuation.
...see also the content-security-policy-report-only
header.
...And 6 more matches
Strict-Transport-Security - HTTP
the http strict-transport-security response
header (often abbreviated as hsts) lets a web site tell browsers that it should only be accessed using https, instead of using http.
...
header type response
header forbidden
header name no syntax strict-transport-security: max-age=<expire-time> strict-transport-security: max-age=<expire-time>; includesubdomains strict-transport-security: max-age=<expire-time>; preload directives max-age=<expire-time> the time, in seconds, that the browser should remember that a site is only to be accessed using https.
... the http strict transport security
header informs the browser that it should never load a site using http and should automatically convert all attempts to access the site using http to https requests instead.
...And 6 more matches
X-Frame-Options - HTTP
the x-frame-options http response
header can be used to indicate whether or not a browser should be allowed to render a page in a <frame>, <iframe>, <embed> or <object>.
... note: the content-security-policy http
header has a frame-ancestors directive which obsoletes this
header for supporting browsers.
...
header type response
header forbidden
header name no syntax there are two possible directives for x-frame-options: x-frame-options: deny x-frame-options: sameorigin directives if you specify deny, not only will attempts to load the page in a frame fail when loaded from other sites, attempts to do so will fail when loaded from the same site.
...And 6 more matches
request - Archive of obsolete content
headers object an unordered collection of name/value pairs representing
headers to send with the request.
...this explicitly sets the content-type
header.
... overridemimetype string use this string to override the mime type returned by the server in the response's content-type
header.
...And 5 more matches
Handling common accessibility problems - Learn web development
a basic data table can be written with very simple markup (see bad-table.html live, and source), but this has problems — there is no way for a screen reader user to associate rows or columns together as groupings of data — to do this you need to know what the
header rows are, and if they are heading up rows, columns, etc.
... if you instead look at our punk-bands-complete.html example (live, source), you can see a few accessibility aids at work here, such as table
headers (<th> and scope attributes), <caption> element, etc.
... vo + c (when inside a table) read the
header of the current column.
...And 5 more matches
SpiderMonkey Build Documentation
try configuring like so: cc=clang cxx=clang++ ../configure it is also possible that baldrdash may fail to compile with /usr/local/cellar/llvm/7.0.1/lib/clang/7.0.1/include/inttypes.h:30:15: fatal error: 'inttypes.h' file not found /usr/local/cellar/llvm/7.0.1/lib/clang/7.0.1/include/inttypes.h:30:15: fatal error: 'inttypes.h' file not found, err: true this is because, starting from mohave,
headers are no longer installed in /usr/include.
... refer the release notes under command line tools -> new features the release notes also states that this compatibility package will no longer be provided in the near future, so the build system on macos will have to be adapted to look for
headers in the sdk until then, the following should help, open /library/developer/commandlinetools/packages/macos_sdk_
headers_for_macos_10.14.pk this builds an executable named js in the directory build-release/dist/bin.
...this installs the shared library to /usr/local/lib, the c
header files to /usr/local/include, and the js executable to/usr/local/bin.
...And 5 more matches
Setting up the Gecko SDK
downloading and setting the sdk the gecko sdk provides all of the tools,
headers, and libraries that you need to build xpcom components.
...for example, the
headers for networking are all located in the necko directory, and the
headers that xpcom requires are in the xpcom directory.
... the two top level
header files are special.
...And 5 more matches
nsIMsgMessageService
nsimsgwindow amsgwindow, in nsiurllistener aurllistener, out nsiuri aurl); void search(in nsimsgsearchsession asearchsession, in nsimsgwindow amsgwindow, in nsimsgfolder amsgfolder, in string asearchuri); nsiuri streammessage(in string amessageuri, in nsisupports aconsumer, in nsimsgwindow amsgwindow, in nsiurllistener aurllistener, in boolean aconvertdata, in string aadditional
header); nsiuri stream
headers(in string amessageuri, in nsistreamlistener aconsumer, in nsiurllistener aurllistener [optional] in boolean alocalonly); boolean ismsginmemcache(in nsiuri aurl, in nsimsgfolder afolder, out nsicacheentrydescriptor acacheentry); nsimsgdbhdr messageuritomsghdr(in string uri); methods copymessage() pass in the uri for the message you want to...
...it will also tack aadditional
header onto the url (e.g.,
header=filter).
... nsiuri streammessage(in string amessageuri, in nsisupports aconsumer, in nsimsgwindow amsgwindow, in nsiurllistener aurllistener, in boolean aconvertdata, in string aadditional
header); parameters amessageuri uri of message to stream aconsumer generally, a stream listener listening to the message.
...And 5 more matches
nsIPluginHost
void parsepostbuffertofix
headers(in string ainpostdata, in unsigned long ainpostdatalen, out string aoutpostdata, out unsigned long aoutpostdatalen); native code only!
... methods native code only!createtempfiletopost to create temp file with content len
header in, it will use by http post.
... to create temp file with content len
header in, it will use by http post.
...And 5 more matches
Web Console remoting - Firefox Developer Tools
the client can request further network event details - like response body or request
headers.
... send http requests starting with firefox 25 you can send an http request using the console actor: { "to": "conn0.console9", "type": "sendhttprequest", "request": { "url": "http://localhost", "method": "get", "
headers": [ { name: "
header-name", value: "
header value", }, // ...
...examples: { "from": "conn0.netevent14", "type": "networkeventupdate", "updatetype": "request
headers", "
headers": 10, "
headerssize": 425 }, { "from": "conn0.netevent14", "type": "networkeventupdate", "updatetype": "requestcookies", "cookies": 0 }, { "from": "conn0.netevent14", "type": "networkeventupdate", "updatetype": "requestpostdata", "datasize": 1024, "discardrequestbody": false }, { "from": "conn0.netevent14", "type": "networkeventupdate", "updatetype": "respon...
...And 5 more matches
Cache - Web APIs
note: the key matching algorithm depends on the vary
header in the value.
... note: the caching api doesn't honor http caching
headers.
...(see selective caching live) the code uses cachestorage.open() to open any cache objects with a content-type
header that starts with font/.
...And 5 more matches
Fetch basic concepts - Web APIs
in a nutshell at the heart of fetch are the interface abstractions of http requests, responses,
headers, and body payloads, along with a global fetch method for initiating asynchronous resource requests.
... guard guard is a feature of
headers objects, with possible values of immutable, request, request-no-cors, response, or none, depending on where the
header is used.
... when a new
headers object is created using the
headers() constructor, its guard is set to none (the default).
...And 5 more matches
ARIA Test Cases - Accessibility
basic grid -- single select grid in an application -- single select illinois grid example -- multi select expected at behavior: screen reader should read column and row
headers as the grid is traversed with arrow keys (in forms mode).
...for example, while in the grid in forms mode, the user should be able to configure the screen reader to read row
headers only.
...
header behavior is not yet defined.
...And 5 more matches
ARIA: table role - Accessibility
<div role="table" aria-label="semantic elements" aria-describedby="semantic_elements_table_desc" aria-rowcount="81"> <div id="semantic_elements_table_desc">semantic elements to use instead of aria's roles</div> <div role="rowgroup"> <div role="row"> <span role="column
header" aria-sort="none">aria role</span> <span role="column
header" aria-sort="none">semantic element</span> </div> </div> <div role="rowgroup"> <div role="row" aria-rowindex="11"> <span role="cell">
header</span> <span role="cell">h1</span> </div> <div role="row" aria-rowindex="16"> <span role="cell">
header</span> <span role="cell">h6</span> </div> ...
...each cell has a role of either column
header, row
header, or simply cell.
... all other semantic table elements, such as <tbody>, <thead>, <tr>, <th>, and <td> need to be added via associated roles, such as rowgroup, row, column
header, and cell.
...And 5 more matches
<tbody>: The Table Body element - HTML: Hypertext Markup Language
valign this attribute specifies the vertical alignment of the text within each row of cells of the table
header.
... usage notes if the table includes a <thead> block (to semantically identify
header rows), the <tbody> block must come after it.
...all non-
header and non-footer rows must be inside the <tbody> if one is used.
...And 5 more matches
HTTP authentication - HTTP
the challenge and response flow works like this: the server responds to a client with a 401 (unauthorized) response status and provides information on how to authorize with a www-authenticate response
header containing at least one challenge.
... a client that wants to authenticate itself with the server can then do so by including an authorization request
header with the credentials.
... usually a client will present a password prompt to the user and will then issue the request including the correct authorization
header.
...And 5 more matches
Configuring servers for Ogg media - HTTP
in addition, gecko uses byte-range requests to seek to the end of the media (assuming you serve the content-length
header) in order to determine the duration of the media.
... your server should accept the accept-ranges: bytes http
header if it can accept byte-range requests.
... configuration for older firefox versions serve x-content-duration
headers note: as of firefox 41, the x-content-duration
header is no longer supported.
...And 5 more matches
Accept-Charset - HTTP
the accept-charset request http
header advertises which character encodings the client understands.
... using content negotiation, the server selects one of the encodings, uses it, and informs the client of its choice within the content-type response
header, usually in a charset= parameter.
... browsers usually don't send this
header, as the default value for each resource is usually correct and transmitting it would allow fingerprinting.
...And 5 more matches
Public-Key-Pins-Report-Only - HTTP
note: public key pinning mechanism was deprecated in favor of certificate transparency and expect-ct
header.
... the http public-key-pins-report-only response
header was used to send reports of pinning violation to the report-uri specified in the
header but, unlike public-key-pins still allows browsers to connect to the server if the pinning is violated.
... the
header is silently ignored in modern browsers as support for hpkp has been removed.
...And 5 more matches
Upgrade - HTTP
the http 1.1 (only) upgrade
header can be used to upgrade an already established client/server connection to a different protocol (over the same transport protocol).
... http/2 explicitly disallows the use of this mechanism/
header; it is specific to http/1.1.
...
header type request
header, response
header forbidden
header name yes overview the upgrade
header field may be used by clients to invite a server to switch to one (or more) of the listed protocols, in descending preference order.
...And 5 more matches
X-Forwarded-For - HTTP
the x-forwarded-for (xff)
header is a de-facto standard
header for identifying the originating ip address of a client connecting to a web server through an http proxy or a load balancer.
...to see the original ip address of the client, the x-forwarded-for request
header is used.
... this
header is used for debugging, statistics, and generating location-dependent content and by design it exposes privacy sensitive information, such as the ip address of the client.
...And 5 more matches
HTTP
this article describes different methods of caching and how to use http
headers to control them.
...when serving an http request, a server can send a set-cookie http
header with the response.
... the client then returns the cookie's value with every request to the same server in the form of a cookie request
header.
...And 5 more matches
List Controls - Archive of obsolete content
ample 3 : source view <listbox> <listcols> <listcol/> <listcol/> </listcols> <listitem> <listcell label="george" /> <listcell label="house painter" /> </listitem> <listitem> <listcell label="mary ellen" /> <listcell label="candle maker" /> </listitem> <listitem> <listcell label="roger" /> <listcell label="swashbuckler" /> </listitem> </listbox>
header rows list boxes also allow a special
header row to be used.
...you would use this to create column
headers.
...the listhead element is used for the
header rows, just as the listitem element is used for regular rows.
...And 4 more matches
Client hints - MDN Web Docs Glossary: Definitions of Web-related terms
client hints are a set of http request
header fields for proactive content negotiation allowing clients to indicate a list of device and agent specific preferences.
...servers announce support for client hints using the accept-ch (accept client hints)
header or an equivalent html meta element with the http-equiv attribute.
... accept-ch: dpr, width, viewport-width, downlink and / or <meta http-equiv="accept-ch" content="dpr, width, viewport-width, downlink"> when a client receives the accept-ch
header, if supported, it appends client hint
headers that match the advertised field-values.
...And 4 more matches
HTML: A good basis for accessibility - Learn web development
if you try navigating through this, you'll see that this is pretty easy to navigate: the screen reader reads each
header out as you progress through the content, notifying you what a heading is, what is a paragraph, etc.
... page layouts in the bad old days, people used to create page layouts using html tables — using different table cells to contain the
header, footer, sidebar, main content column, etc.
... try our example table-layout.html example, which looks something like this: <table width="1200"> <!-- main heading row --> <tr id="heading"> <td colspan="6"> <h1 align="center">
header</h1> </td> </tr> <!-- nav menu row --> <tr id="nav" bgcolor="#ffffff"> <td width="200"> <a href="#" align="center">home</a> </td> <td width="200"> <a href="#" align="center">our team</a> </td> <td width="200"> <a href="#" align="center">projects</a> </td> <td width="200"> <a href="#" align="center">contact</a>...
...And 4 more matches
HTML: A good basis for accessibility - Learn web development
if you try navigating through this, you'll see that this is pretty easy to navigate: the screen reader reads each
header out as you progress through the content, notifying you what a heading is, what is a paragraph, etc.
... page layouts in the bad old days, people used to create page layouts using html tables — using different table cells to contain the
header, footer, sidebar, main content column, etc.
... try our example table-layout.html example, which looks something like this: <table width="1200"> <!-- main heading row --> <tr id="heading"> <td colspan="6"> <h1 align="center">
header</h1> </td> </tr> <!-- nav menu row --> <tr id="nav" bgcolor="#ffffff"> <td width="200"> <a href="#" align="center">home</a> </td> <td width="200"> <a href="#" align="center">our team</a> </td> <td width="200"> <a href="#" align="center">projects</a> </td> <td width="200"> <a href="#" align="center">contact</a>...
...And 4 more matches
Ember interactivity: Events, classes and state - Learn web development
creating todos for our card-
header / todo input, we'll want to be able to submit our typed in todo task when we press the enter key and have it appear in the todos list.
... add the new line shown below to your
header.hbs file: <input class='new-todo' aria-label='what needs to be done?' placeholder='what needs to be done?' autofocus {{on 'keydown' this.onkeydown}} > this new attribute is inside double curly braces, which tells you it is part of ember's dynamic templating syntax.
... to create a
header class to go with your
header component, type this in to your terminal: ember generate component-class
header this will create the following empty class file — todomvc/app/components/
header.js: import component from '@glimmer/component'; export default class
headercomponent extends component { } inside this file we will implement the event handler code.
...And 4 more matches
Ember app structure and componentization - Learn web development
using the cli to create our components for us so to represent our app, we want to create 4 components:
header list individual todo footer to create a component, we use the ember generate component command, followed by the name of the component.
... let’s create the
header component first.
... enter the following command into your terminal: ember generate component
header these will generate some new files, as shown in the resulting terminal output: installing component create app/components/
header.hbs skip app/components/
header.js tip to add a class, run `ember generate component-class
header` installing component-test create tests/integration/components/
header-test.js
header.hbs is the template file where we’ll include the html structure for just that component.
...And 4 more matches
NSS_3.12_release_notes.html
the tar.gz or zip file expands to an nss-3.12 directory containing three subdirectories: include - nss
header files lib - nss shared libraries bin - nss tools and test programs you also need to download the nspr 4.7.1 binary distributions to get the nspr 4.7.1
header files and shared libraries, which nss 3.12 requires.
...bug 402773: verify the list of public
header files in nss 3.12 bug 403470: strsclnt + tstclnt crashes when pkix enabled.
...7: libpkix does not use user defined revocation checkers bug 407064: pkix_pl_ldapcertstore_buildcrllist should not fail if a crl fails to be decoded bug 421216: libpkix test nss_thread leaks a test certificate bug 301259: signtool usage message is unhelpful bug 389781: nss should be built size-optimized in browser builds on linux, windows, and mac bug 90426: use of obsolete typedefs in public nss
headers bug 113323: the first argument to pk11_findcertfromnickname should be const.
...And 4 more matches
nss tech note5
encrypt/decrypt include
headers #include "nss.h" #include "pk11pub.h" make sure nss is initialized.the simplest init function, in case you don't need a nss database is nss_nodb_init(".") choose a cipher mechanism.
... you can also look at a sample program illustrating encryption hash / digest include
headers #include "nss.h" #include "pk11pub.h" make sure nss is initialized.the simplest init function, in case you don't need a nss database is nss_nodb_init(".") <big>create digest context</big>.
...); s = pk11_digestop(digestcontext, data, sizeof data); s = pk11_digestfinal(digestcontext, digest, &len, sizeof digest); /* now, digest contains the 'digest', and len contains the length of the digest */</big> clean up pk11_destroycontext(digestcontext, pr_true); you can also look at a sample program illustrating this hash / digest with secret key included include
headers #include "nss.h" #include "pk11pub.h" make sure nss is initialized.the simplest init function, in case you don't need a nss database is nss_nodb_init(".") choose a digest mechanism.
...And 4 more matches
nsIMIMEInputStream
netwerk/base/public/nsimimeinputstream.idlscriptable the mime stream separates
headers and a datastream.
... it also allows automatic creation of the content-length
header.
...to create an instance, use: var mimeinputstream = components.classes["@mozilla.org/network/mime-input-stream;1"] .createinstance(components.interfaces.nsimimeinputstream); method overview void add
header(in string name, in string value); void setdata(in nsiinputstream stream); attributes attribute type description addcontentlength boolean when true a "content-length"
header is automatically added to the stream.
...And 4 more matches
nsIMsgDatabase
void markthreadignored(in nsimsgthread thread, in nsmsgkey threadkey, in boolean bignored, in nsidbchangelistener instigator); void markthreadwatched(in nsimsgthread thread, in nsmsgkey threadkey, in boolean bwatched, in nsidbchangelistener instigator); void mark
headerkilled(in nsimsgdbhdr msg, in boolean bignored, in nsidbchangelistener instigator); boolean isread(in nsmsgkey key); boolean isignored(in nsmsgkey key); boolean ismarked(in nsmsgkey key); boolean hasattachments(in nsmsgkey key); void markallread(in nsmsgkeyarrayptr thosemarked); native code only!
... void deletemessage(in nsmsgkey key, in nsidbchangelistener instigator, in boolean commit); void delete
header(in nsimsgdbhdr msghdr, in nsidbchangelistener instigator,in boolean commit, in boolean notify); void remove
headermdbrow(in nsimsgdbhdr msghdr); void undodelete(in nsimsgdbhdr msghdr); void markmarked(in nsmsgkey key, in boolean mark, in nsidbchangelistener instigator); void markoffline(in nsmsgkey key, in boolean offline, in nsidbchangelistener instigator); void setlabel(in nsmsgkey key, in nsmsglabelvalue label); void setstringproperty(in nsmsgkey akey, in...
...the idea is that you create a new
header, fill in its properties, and then call addnewhdrtodb.
...And 4 more matches
nsIWebNavigation
method overview void goback void goforward void gotoindex( in long index ) void loaduri(in wstring uri , in unsigned long loadflags , in nsiuri referrer , in nsiinputstream postdata, in nsiinputstream
headers) void reload(in unsigned long reloadflags) void stop(in unsigned long stopflags) constants load flags constant value description load_flags_mask 65535 this flag defines the range of bits that may be specified.
... void loaduri( wstring uri, unsigned long loadflags, nsiuri referrer, nsiinputstream postdata, nsiinputstream
headers ); parameters uri the uri string to load.
... postdata if the uri corresponds to a http request, then this stream is appended directly to the http request
headers.
...And 4 more matches
Index
13 autoconfig: how to create a configuration file autoconfiguration, thunderbird authoritative definition 14 autoconfiguration in thunderbird moved to autoconfiguration 15 buddy icons in mail seth spitzer mozilla is now able to show icons in the message
header area and the addressbook card pane.
...things appear confusing for several reasons: 45 message interfaces interfaces, interfaces:scriptable, needscontent, xpcom api reference, thunderbird nsimsghdr - this interface describes
headers for all mail messages.
... it can be used to retrieve address, subject and related
header information for a mail message.
...And 4 more matches
Console messages - Firefox Developer Tools
this site specified both an x-content-security-policy/report-only
header and a content-security-policy/report-only
header.
... the x-content-security-policy/report-only
header(s) will be ignored.
... the x-content-security-policy and x-content-security-report-only
headers will be deprecated in the future.
...And 4 more matches
Timing element visibility with the Intersection Observer API - Web APIs
we'll be using css grid to style and lay out the site, so we can be pretty straightforward here: <div class="wrapper"> <
header> <h1>a fake blog</h1> <h2>showing intersection observer in action!</h2> </
header> <aside> <nav> <ul> <li><a href="#link1">a link</a></li> <li><a href="#link2">another link</a></li> <li><a href="#link3">one more link</a></li> </ul> </nav> </aside> <main> </main> </div> this is the framework for the entire site.
... at the top is the site's
header region, contained within a <
header> block.
...then the "wrapper" class is defined; it wraps the entire blog, including the
header, sidebar, and body content (articles and ads).
...And 4 more matches
XMLHttpRequest - Web APIs
note: according to the http/2 specification (8.1.2.4 response pseudo-
header fields), http/2 does not define a way to carry the version or reason phrase that is included in an http/1.1 status line.
... xmlhttprequest.withcredentials is a boolean that indicates whether or not cross-site access-control requests should be made using credentials such as cookies or authorization
headers.
...if true, the request will be sent without cookie and authentication
headers.
...And 4 more matches
<table>: The Table element - HTML: Hypertext Markup Language
examples simple table <table> <tr> <td>john</td> <td>doe</td> </tr> <tr> <td>jane</td> <td>doe</td> </tr> </table> more examples <p>simple table with
header</p> <table> <tr> <th>first name</th> <th>last name</th> </tr> <tr> <td>john</td> <td>doe</td> </tr> <tr> <td>jane</td> <td>doe</td> </tr> </table> <p>table with thead, tfoot, and tbody</p> <table> <thead> <tr> <th>
header content 1</th> <th>
header content 2</th> </tr> </thead> <tbody> <tr> <td>body content 1</td> <td>bo...
... mdn adding a caption to your table with <caption> caption & summary • tables • w3c wai web accessibility tutorials scoping rows and columns the scope attribute on
header elements is redundant in simple contexts, because scope is inferred.
... however, some assistive technologies may fail to draw correct inferences, so specifying
header scope may improve user experiences.
...And 4 more matches
HTML documentation index - HTML: Hypertext Markup Language
2 allowing cross-origin use of images and canvas advanced, cors, canvas, html, image, reference, security, storage, data html provides a crossorigin attribute for images that, in combination with an appropriate cors
header, allows images defined by the <img> element that are loaded from foreign origins to be used in a <canvas> as if they had been loaded from the current origin.
... 108 <head>: the document metadata (
header) element element, html, html document metadata, html:metadata content, reference, web the html <head> element contains machine-readable information (metadata) about the document, like its title, scripts, and style sheets.
... 109 <
header> element, html, html sections, reference the html <
header> element represents introductory content, typically a group of introductory or navigational aids.
...And 4 more matches
MIME types (IANA media types) - HTTP
important: browsers use the mime type, not the file extension, to determine how to process a url, so it's important that web servers send the correct mime type in the response's content-type
header.
...examples include multipart/form-data (for data produced using the formdata api) and multipart/byteranges (defined in rfc 7233: 5.4.1 and used with http's 206 "partial content" response returned when the fetched data is only part of the content, such as is delivered using the range
header).
...they treat it as if the content-disposition
header was set to attachment, and propose a "save as" dialog.
...And 4 more matches
Cross-Origin Resource Policy (CORP) - HTTP
cross-origin resource policy is a policy set by the cross-origin-resource-policy http
header that lets web sites and applications opt in to protection against certain requests from other origins (such as those issued with elements like <script> and <img>), to mitigate speculative side-channel attacks, like spectre, as well as cross-site script inclusion attacks.
... the policy is only effective for no-cors requests, which are issued by default for cors-safelisted methods/
headers.
... as this policy is expressed via a response
header, the actual request is not prevented—rather, the browser prevents the result from being leaked by stripping the response body.
...And 4 more matches
Accept-Language - HTTP
the accept-language request http
header advertises which languages the client is able to understand, and which locale variant is preferred.
... (by languages, we mean natural languages, such as english, and not programming languages.) using content negotiation, the server then selects one of the proposals, uses it and informs the client of its choice with the content-language response
header.
... browsers set adequate values for this
header according to their user interface language and even if a user can change it, this happens rarely (and is frowned upon as it leads to fingerprinting).
...And 4 more matches
Access-Control-Allow-Credentials - HTTP
the access-control-allow-credentials response
header tells browsers whether to expose the response to frontend javascript code when the request's credentials mode (request.credentials) is include.
... credentials are cookies, authorization
headers or tls client certificates.
...note that simple get requests are not preflighted, and so if a request is made for a resource with credentials, if this
header is not returned with the resource, the response is ignored by the browser and not returned to web content.
...And 4 more matches
Connection - HTTP
the connection general
header controls whether or not the network connection stays open after the current transaction finishes.
... connection-specific
header fields such as connection and keep-alive are prohibited in http/2.
... except for the standard hop-by-hop
headers (keep-alive, transfer-encoding, te, connection, trailer, upgrade, proxy-authorization and proxy-authenticate), any hop-by-hop
headers used by the message must be listed in the connection
header, so that the first proxy knows it has to consume them and not forward them further.
...And 4 more matches
Cross-Origin-Embedder-Policy - HTTP
the http cross-origin-embedder-policy (coep) response
header prevents a document from loading any cross-origin resources that don't explicitly grant the document permission (using corp or cors).
...
header type response
header forbidden
header name no syntax cross-origin-embedder-policy: unsafe-none | require-corp directives unsafe-none this is the default value.
... allows the document to fetch cross-origin resources without giving explicit permission through the cors protocol or the cross-origin-resource-policy
header.
...And 4 more matches
Device-Memory - HTTP
the device-memory
header is a device memory api
header that works like client hints
header which represents the approximate amount of ram client device has.
...
header type request
header forbidden
header name ?
...server has to opt in to receive device-memory
header from the client by sending accept-ch and accept-ch-lifetime response
headers.
...And 4 more matches
Forwarded - HTTP
the forwarded
header contains information from the reverse proxy servers that is altered or lost when a proxy is involved in the path of the request.
... the alternative and de-facto standard versions of this
header are the x-forwarded-for, x-forwarded-host and x-forwarded-proto
headers.
... this
header is used for debugging, statistics, and generating location-dependent content and by design it exposes privacy sensitive information, such as the ip address of the client.
...And 4 more matches
Referrer-Policy - HTTP
the referrer-policy http
header controls how much referrer information (sent via the referer
header) should be included with requests.
...
header type response
header forbidden
header name no syntax the original
header name referer is a misspelling of the word "referrer".
... the referrer-policy
header does not share this misspelling.
...And 4 more matches
Warning - HTTP
note: the warning
header is soon to be deprecated; see warning (https://github.com/httpwg/http-core/issues/139) and warning:
header & stale-while-revalidate (https://github.com/whatwg/fetch/issues/913) for more details.
... the warning general http
header contains information about possible problems with the status of the message.
... more than one warning
header may appear in a response.
...And 4 more matches
X-Forwarded-Host - HTTP
the x-forwarded-host (xfh)
header is a de-facto standard
header for identifying the original host requested by the client in the host http request
header.
... host names and ports of reverse proxies (load balancers, cdns) may differ from the origin server handling the request, in that case the x-forwarded-host
header is useful to determine which host was originally used.
... this
header is used for debugging, statistics, and generating location-dependent content and by design it exposes privacy sensitive information, such as the ip address of the client.
...And 4 more matches
Network Error Logging - HTTP
network error logging is a mechanism that can be configured via the nel http response
header.
... this experimental
header allows web sites and applications to opt-in to receive reports about failed (and, if desired, successful) network fetches from supporting browsers.
... reports are sent to a reporting group defined within a report-to
header.
...And 4 more matches
jspage - Archive of obsolete content
or(var d=0,c=1;1;d+=c,c/=2){if(f>=(7-4*d)/11){e=c*c-math.pow((11-6*d-11*f)/4,2); break;}}return e;},elastic:function(b,a){return math.pow(2,10*--b)*math.cos(20*b*math.pi*(a[0]||1)/3);}});["quad","cubic","quart","quint"].each(function(b,a){fx.transitions[b]=new fx.transition(function(c){return math.pow(c,[a+2]); });});var request=new class({implements:[chain,events,options],options:{url:"",data:"",
headers:{"x-requested-with":"xmlhttprequest",accept:"text/javascript, text/html, application/xml, text/xml, */*"},async:true,format:false,method:"post",link:"ignore",issuccess:null,emulation:true,urlencoded:true,encoding:"utf-8",evalscripts:false,evalresponse:false,nocache:false},initialize:function(a){this.xhr=new browser.request(); this.setoptions(a);this.options.issuccess=this.options.issuccess||this...
....issuccess;this.
headers=new hash(this.options.
headers);},onstatechange:function(){if(this.xhr.readystate!=4||!this.running){return; }this.running=false;this.status=0;$try(function(){this.status=this.xhr.status;}.bind(this));this.xhr.onreadystatechange=$empty;if(this.options.issuccess.call(this,this.status)){this.response={text:this.xhr.responsetext,xml:this.xhr.responsexml}; this.success(this.response.text,this.response.xml);}else{this.response={text:null,xml:null};this.failure();}},issuccess:function(){return((this.status>=200)&&(this.status<300)); },processscripts:function(a){if(this.options.evalresponse||(/(ecma|java)script/).test(this.get
header("content-type"))){return $exec(a);}return a.stripscripts(this.options.evalscripts); },success:function(b,a){this.onsuccess(this.processscripts(b),a);...
...},onsuccess:function(){this.fireevent("complete",arguments).fireevent("success",arguments).callchain(); },failure:function(){this.onfailure();},onfailure:function(){this.fireevent("complete").fireevent("failure",this.xhr);},set
header:function(a,b){this.
headers.set(a,b); return this;},get
header:function(a){return $try(function(){return this.xhr.getresponse
header(a);}.bind(this));},check:function(){if(!this.running){return true; }switch(this.options.link){case"cancel":this.cancel();return true;case"chain":this.chain(this.caller.bind(this,arguments));return false;}return false;},send:function(k){if(!this.check(k)){return this; }this.running=true;var i=$type(k);if(i=="string"||i=="element"){k={data:k};}var d=this.options;k=$extend({data:d.data,url:d.url,method:d.method},k);var g=k.data,b=string(k.ur...
...And 3 more matches
Trees - Archive of obsolete content
both can be used to create tables of data with multiple rows and columns, and both may contain column
headers.
...each column will appear as a
header at the top of the tree.
...as with listboxes, a
header row will appear with column labels.
...And 3 more matches
MDN Web Docs Glossary: Definitions of Web-related terms
cipher suite ciphertext class client hints closure cms code splitting codec compile compile time computer programming conditional constant constructor continuous media control flow cookie copyleft cors cors-safelisted request
header cors-safelisted response
header crawler crlf cross axis cross-site scripting crud cryptanalysis cryptographic hash function cryptography csp csrf css css object model (cssom) css pixel css preprocessor d data structure decryption ...
... dtls (datagram transport layer security) dtmf (dual-tone multi-frequency signaling) dynamic programming language dynamic typing e ecma ecmascript effective connection type element empty element encapsulation encryption endianness engine entity entity
header event exception expando f fallback alignment falsy favicon fetch directive fetch metadata request
header firefox os firewall first contentful paint first cpu idle first input delay first interactive first meaningful paint first paint ...
... first-class function flex flex container flex item flexbox forbidden
header name forbidden response
header name fork fragmentainer frame rate (fps) ftp ftu function fuzz testing g gaia garbage collection gecko general
header gif gij git global object global scope global variable glyph gonk google chrome gpl gpu graceful degradation grid grid areas grid axis grid cell grid column grid container grid lines grid row grid tracks guard ...
...And 3 more matches
Grids - Learn web development
add the following rules to the bottom of your css:
header { grid-column: 1 / 3; grid-row: 1; } article { grid-column: 2; grid-row: 2; } aside { grid-column: 1; grid-row: 2; } footer { grid-column: 1 / 3; grid-row: 3; } line-based placement body { width: 90%; max-width: 900px; margin: 2em auto; font: .9em/1.2 arial, helvetica, sans-serif...
...; } .container { display: grid; grid-template-columns: 1fr 3fr; grid-gap: 20px; }
header { grid-column: 1 / 3; grid-row: 1; } article { grid-column: 2; grid-row: 2; } aside { grid-column: 1; grid-row: 2; } footer { grid-column: 1 / 3; grid-row: 3; }
header, footer { border-radius: 5px; padding: 10px; background-color: rgb(207,232,220); border: 2px solid rgb(79,185,227); } aside { border-right: 1px solid #999; } <div class="container"> <
header>this is my lovely blog</
header> <article> <h1>my article</h1> <p>duis felis orci, pulvinar id metus ut, rutrum luctus orci.
... .container { display: grid; grid-template-areas: "
header header" "sidebar content" "footer footer"; grid-template-columns: 1fr 3fr; grid-gap: 20px; }
header { grid-area:
header; } article { grid-area: content; } aside { grid-area: sidebar; } footer { grid-area: footer; } reload the page and you will see that your items have been placed just as before without us needing to use any line numbers!
...And 3 more matches
Sending form data - Learn web development
an http request consists of two parts: a
header that contains a set of global metadata about the browser's capabilities, and a body that can contain information necessary for the server to process the specific request.
..."to" value="mom"> </div> <div> <button>send my greetings</button> </div> </form> when the form is submitted using the post method, you get no data appended to the url, and the http request looks like so, with the data included in the request body instead: post / http/2.0 host: foo.com content-type: application/x-www-form-urlencoded content-length: 13 say=hi&to=mom the content-length
header indicates the size of the body, and the content-type
header indicates the type of resource sent to the server.
... we'll discuss these
headers later on.
...And 3 more matches
Tips for authoring fast-loading HTML pages - Learn web development
depending on a browser's cache settings, it may send a request with the if-modified-since
header for each referenced file, asking whether the file has been modified since the last time it was downloaded.
... in particular, pay attention to the last-modified
header.
... it allows for efficient page caching; by means of this
header, information is conveyed to the user agent about the file it wants to load, such as when it was last modified.
...And 3 more matches
Assessment: Structuring planet data - Learn web development
open your copy of blank-template.html, and start the table off by giving it an outer container, a table
header, and a table body.
... add a row to the table
header containing all the column
headers.
... add attributes to make the row and column
headers unambiguously associated with the rows, columns, or rowgroups that they act as headings for.
...And 3 more matches
Creating Sandboxed HTTP Connections
in order to manipulate cookies, the nsichannel needs to be converted into a nsihttpchannel by using queryinterface (qi): var httpchannel = asubject.queryinterface(components.interfaces.nsihttpchannel); cookies are actually part of the http
header, nsihttpchannel provides four methods for working with
headers: two for getting and setting request
headers, and two for getting and setting response
headers.
... the cookie
header for requests is called "cookie", while for responses it is "set-cookie".
... getrequest
header(a
header) - returns the request
header value for the requested
header.
...And 3 more matches
Makefile - variables
defines additional preprocessor defines for c++ expand_mozlibname exports a list of exported
header files and sources to install for external use.
... exports_namespaces exported package include directory: dist/include/${namespace} exports_${namespace} a list of exports/
headers that should be copied into the exported namespace directory.
... module instructs the build system where to install exported
headers.
...And 3 more matches
Creating localizable web applications
you can use one or more of the following techniques: http accept-language
headers, the ua string, ip geolocation.
...for example, if not all the pages of your website are going to be localized, you may consider removing links to the english-only pages from the navigation (
headers, footers, sidebars) in the localized versions.
...might be also helpful for
headers and footers, if you're not using templates to display them.
...And 3 more matches
Gecko Roles
role_table represents a table that contains rows and columns of cells, and optionally, row
headers and column
headers.
... role_column
header represents a column
header, providing a visual label for a column in a table.
... role_row
header represents a row
header, which provides a visual label for a table row.
...And 3 more matches
Starting WebLock
the first parameter to the getservicebycontractid is of course the contract id, which is defined in the nsxpcom.h
header file.
...once the interface has been described in the xpidl language, the interface file can be used to generate the
header files needed for the implementation code, the binary type library files that let you use the interface of the weblock component from javascript, and even broken linkjavadoc style html documentation.
...the xpidl file for the iweblock interface can be used to generate the c++
header file, which you'll need to implement the interface in the component and also a type library that makes the component accessible from javascript or other interpreted languages.
...And 3 more matches
Observer Notifications
http requests these are the topics that you can observe during a http request (see setting http request
headers and creating sandboxed http connections).
...the channel is available to allow you to modify
headers and such.
...
headers are available on the channel.
...And 3 more matches
MailNews Filters
the protocol specific code will then apply all of the actions of the filter to the current msg
header.
... if one of the actions is a move, or a stop filter execution action, we move on to the next
header; otherwise, we move on to the next filter.
...for each new
header, we evaluate the filter criteria and apply the actions synchronously, including moving a message to an other local folder, and advance to the next
header.
...And 3 more matches
Web Video Text Tracks Format (WebVTT) - Web APIs
an optional text
header to the right of webvtt.
... you may use anything in the text
header except newlines or the string "-->".
... example 1 - simplest possible webvtt file webvtt example 2 - very simple webvtt file with a text
header webvtt - this file has no cues.
...And 3 more matches
WindowOrWorkerGlobalScope.fetch() - Web APIs
note that the origin
header is not set on fetch requests with a method of head or get.
...
headers any
headers you want to add to your request, contained within a
headers object or an object literal with bytestring values.
...this information should instead be provided using an authorization
header.
...And 3 more matches
Using XMLHttpRequest - Web APIs
"?" + odata.segments.join("&") : ""), true); oajaxreq.send(null); } else { /* method is post */ oajaxreq.open("post", odata.receiver, true); if (odata.technique === 3) { /* enctype is multipart/form-data */ var sboundary = "---------------------------" + date.now().tostring(16); oajaxreq.setrequest
header("content-type", "multipart\/form-data; boundary=" + sboundary); oajaxreq.sendasbinary("--" + sboundary + "\r\n" + odata.segments.join("--" + sboundary + "\r\n") + "--" + sboundary + "--\r\n"); } else { /* enctype is application/x-www-form-urlencoded or text/plain */ oajaxreq.setrequest
header("content-type", odata.contenttype); oajaxreq.send(odata.
... </p> <p> describe yourself:<br /> <textarea name="description" cols="50" rows="8"></textarea> </p> <p> <input type="submit" value="submit" /> </p> </fieldset> </form> </body> </html> to test this, create a page named register.php (which is the action attribute of these sample forms), and put the following minimalistic content: <?php /* register.php */
header("content-type: text/plain"); /* note: you should never use `print_r()` in production scripts, or otherwise output client-submitted data without sanitizing it first.
... get last modified date function get
headertime () { console.log(this.getresponse
header("last-modified")); /* a valid gmtstring date or null */ } var oreq = new xmlhttprequest(); oreq.open("head" /* use head if you only need the
headers!
...And 3 more matches
<a>: The Anchor element - HTML: Hypertext Markup Language
can be used with or without a value: without a value, the browser will suggest a filename/extension, generated from various sources: the content-disposition http
header the final segment in the url path the media type (from the (content-type
header, the start of a data: url, or blob.type for a blob: url) defining a value suggests it as the filename.
... if content-disposition has a different filename than download, the
header takes priority.
... (if content-disposition: inline, firefox prefers the
header while chrome prefers download.) href the url that the hyperlink points to.
...And 3 more matches
Cache-Control - HTTP
the cache-control http
header holds directives (instructions) for caching in both requests and responses.
...
header type general
header forbidden
header name no cors-safelisted response
header yes syntax caching directives have the following rules to be valid: case-insensitive, but lowercase is recommended.
... s-maxage=<seconds> overrides max-age or the expires
header, but only for shared caches (e.g., proxies).
...And 3 more matches
Content-Type - HTTP
the content-type entity
header is used to indicate the media type of the resource.
... in responses, a content-type
header tells the client what the content type of the returned content actually is.
... browsers will do mime sniffing in some cases and will not necessarily follow the value of this
header; to prevent this behavior, the
header x-content-type-options can be set to nosniff.
...And 3 more matches
ETag - HTTP
the etag http response
header is an identifier for a specific version of a resource.
...
header type response
header forbidden
header name no syntax etag: w/"<etag_value>" etag: "<etag_value>" directives w/ optional 'w/' (case-sensitive) indicates that a weak validator is used.
... examples etag: "33a64df551425fcc55e4d42a148795d9f25f89d4" etag: w/"0815" avoiding mid-air collisions with the help of the etag and the if-match
headers, you can detect mid-air edit collisions.
...And 3 more matches
Expect - HTTP
the expect http request
header indicates expectations that need to be fulfilled by the server in order to properly handle the request.
... the only expectation defined in the specification is expect: 100-continue, to which the server shall respond with: 100 if the information contained in the
header is sufficient to cause an immediate success, 417 (expectation failed) if it cannot meet the expectation; or any other 4xx status otherwise.
... no common browsers send the expect
header, but some other clients such as curl do so by default.
...And 3 more matches
Origin - HTTP
the origin request
header indicates where a fetch originates from.
...it is similar to the referer
header, but, unlike this
header, it doesn't disclose the whole path.
... note: the origin
header is not set on fetch requests with a method of head or get (this behavior was corrected in firefox 65 — see bug 1508661).
...And 3 more matches
Referer - HTTP
the referer request
header contains the address of the previous web page from which a link to the currently requested page was followed.
... the referer
header allows servers to identify where people are visiting them from and may use that data for analytics, logging, or optimized caching, for example.
... important: although this
header has many innocent uses it can have undesirable consequences for user security and privacy.
...And 3 more matches
Retry-After - HTTP
the retry-after response http
header indicates how long the user agent should wait before making a follow-up request.
... there are three main cases this
header is used: when sent with a 503 (service unavailable) response, this indicates how long the service is expected to be unavailable.
...
header type response
header forbidden
header name no syntax retry-after: <http-date> retry-after: <delay-seconds> directives <http-date> a date after which to retry.
...And 3 more matches
Server-Timing - HTTP
the server-timing
header communicates one or more metrics and descriptions for a given request-response cycle.
...
header type response
header forbidden
header name no syntax the syntax of the server-timing
header allows you to communicate metrics in different ways: server metric name only, metric with value, metric with value and description, and metric with description.
...hout value server-timing: missedcache // single metric with value server-timing: cpu;dur=2.4 // single metric with description and value server-timing: cache;desc="cache read";dur=23.2 // two metrics with value server-timing: db;dur=53, app;dur=47.2 // server-timing as trailer trailer: server-timing --- response body --- server-timing: total;dur=123.4 privacy and security the server-timing
header may expose potentially sensitive application and infrastructure information.
...And 3 more matches
Transfer-Encoding - HTTP
the transfer-encoding
header specifies the form of encoding used to safely transfer the payload body to the user.
... transfer-encoding is a hop-by-hop
header, that is applied to a message between two nodes, not to a resource itself.
...if you want to compress data over the whole connection, use the end-to-end content-encoding
header instead.
...And 3 more matches
Vary - HTTP
the vary http response
header determines how to match future request
headers to decide whether a cached response can be used rather than requesting a fresh one from the origin server.
... it is used by the server to indicate which
headers it used when selecting a representation of a resource in a content negotiation algorithm.
... the vary
header should be set on a 304 not modified response exactly like it would have been set on an equivalent 200 ok response.
...And 3 more matches
Want-Digest - HTTP
the want-digest http
header is primarily used in a http request, to ask the responder to provide a digest of the requested resource using the digest response
header.
... the
header contains identifiers for one or more digest algorithms that the sender wishes the responder to use to create the digest.
... if want-digest does not include any digest algorithms that the server supports, the server may respond with: a digest calculated using a different digest algorithm, or a 400 bad request error, and include another want-digest
header with that response, listing the algorithms that it does support.
...And 3 more matches
OPTIONS - HTTP
idempotent yes cacheable no allowed in html forms no syntax options /index.html http/1.1 options * http/1.1 examples identifying allowed request methods to find out which request methods a server supports, one can use the curl command-line program to issue an options request: curl -x options https://example.org -i the response then contains an allow
header that holds the allowed methods: http/1.1 204 no content allow: options, get, head, post cache-control: max-age=604800 date: thu, 13 oct 2016 11:45:00 gmt server: eos (lax004/2813) preflighted requests in cors in cors, a preflight request is sent with the options method so that the server can respond if it is acceptable to send the request.
... in this example, we will request permission for these parameters: the access-control-request-method
header sent in the preflight request tells the server that when the actual request is sent, it will have a post request method.
... the access-control-request-
headers
header tells the server that when the actual request is sent, it will have the x-pingother and content-type
headers.
...And 3 more matches
A typical HTTP session - HTTP
an absolute url without the protocol or domain name the http protocol version subsequent lines represent an http
header, giving the server information about what type of data is appropriate (e.g., what language, what mime types), or other data altering its behavior (e.g., not sending an answer if it is already cached).
... these http
headers form a block which ends with an empty line.
...http://developer.mozilla.org/, and telling the server that the user-agent would prefer the page in french, if possible: get / http/1.1 host: developer.mozilla.org accept-language: fr observe that final empty line, this separates the data block from the
header block.
...And 3 more matches
Web security
http strict-transport-security the strict-transport-security: http
header lets a website specify that it may only be accessed using https.
... information leakage referer
header policy: privacy and security concerns there are privacy and security risks associated with the referer http
header.
... http access-control-allow-origin the access-control-allow-origin response
header indicates whether the response can be shared with requesting code from the given origin.
...And 3 more matches
NPStream - Archive of obsolete content
syntax typedef struct _npstream { void* pdata; /* plug-in private data */ void* ndata; /* netscape private data */ const char* url; uint32 end; uint32 lastmodified; void* notifydata; const char *
headers; } npstream; fields the data structure has the following fields: plug-in-private value that the plug-in can use to store a pointer to private data associated with the instance; not modified by the browser.
...
headers the response
headers from the host.
... this field is only available if the np version is greater than or equal to npvers_has_response_
headers.
...And 2 more matches
CORS - MDN Web Docs Glossary: Definitions of Web-related terms
cors (cross-origin resource sharing) is a system, consisting of transmitting http
headers, that determines whether browsers block frontend javascript code from accessing responses for cross-origin requests.
... learn more general knowledge cross-origin resource sharing (cors) on mdn cross-origin resource sharing on wikipedia cors
headers access-control-allow-origin indicates whether the response can be shared.
... access-control-allow-
headers used in response to a preflight request to indicate which http
headers can be used when making the actual request.
...And 2 more matches
Responsive images - Learn web development
a typical website may contain a
header image and some content images below the
header.
... the
header image will likely span the whole of the width of the
header, and the content image will fit somewhere inside the content column.
... the
header image has been set so that its center always stays in the center of the
header, no matter what width the heading is set at.
...And 2 more matches
Properly configuring server MIME types - Learn web development
you can also use rex swain's http viewer or live http
headers to see the full
headers and content of any file sent from a web server.
... according to the standards, a meta tag that gives the mime type such as <meta http-equiv="content-type" content="text/html"> should be ignored if there's a content-type line in the
header.
... how to set up your server to send the correct mime types the fundamental idea is to configure your server to send the correct content-type http
header for each document.
...And 2 more matches
Gecko SDK
the gecko sdk, also known as the xulrunner sdk, is a set of xpidl files,
headers and tools to develop xpcom components which can then in turn e.g.
...the gecko sdk is a collection of
header files and tools used to develop general xpcom components which add functionality to the existing platform, whereas xulrunner is a framework which can be used to run standalone or embedded applications based on the mozilla framework.
... the gecko sdk contains all of the necessary tools and
headers for making scriptable npapi plugins including the xpidl compiler/linker and the latest npapi.h.
...And 2 more matches
Mozilla Framework Based on Templates (MFBT)
its code resides in the mfbt/ source directory, but
headers within it should be included using paths like "mozilla/standardinteger.h".
...it also attempts to define its functionality in well-named files, such that simply skimming the contents of mfbt/ will quickly suggest the relevant
header to examine.
...(the <stdint.h> standard
header is not available on all platforms and so cannot be used directly.
...And 2 more matches
Mozilla Web Developer FAQ
is the server sending the proper content-type
header for css style sheets?
... you can see the http
headers sent by the server by using the livehttp
headers extension or by using the web sniffer.
...the fonts have to be served from the same origin (protocol, host, port) as the content that uses them unless the fonts are served with the appropriate cross-origin resource sharing http
headers.
...And 2 more matches
AsyncTestUtils extended framework
keep in mind that the class is not magic and will lose track of the message
headers if you manipulate them without referencing the message set.
... accessing synthetic messages and
headers synmessages [attribute] the js list of syntheticmessages held in the set.
... getmsguri(aindex) [function] retrieve the uri of the message
header at the given index.
...And 2 more matches
PR_TransmitFile
syntax #include <prio.h> print32 pr_transmitfile( prfiledesc *networksocket, prfiledesc *sourcefile, const void *
headers, print32 hlen, prtransmitfileflags flags, printervaltime timeout); parameters the function has the following parameters: networksocket a pointer to a prfiledesc object representing the connected socket to send data over.
...
headers a pointer to the buffer holding the
headers to be sent before sending data.
... hlen length of the
headers buffer in bytes.
...And 2 more matches
NSS Developer Tutorial
symbol export lists the manifest.mn file, in a directory in the nss source tree, specifies which
headers are public, and which
headers are private.
... public
headers are in the exports variable.
... private
headers,which may be included by files in other directories, are in the private_exports variable.
...And 2 more matches
Garbage collection
a chunk is 1mb and contains arenas, padding, the mark bitmap (chunkbitmap), a bitmap of decommitted arenas, and a chunk
header (chunkinfo).
... the chunkinfo contains a list of unallocated arenas, starting at chunkinfo::freearenashead and linked through arena
header::next.
... an arena is one page (4096 bytes on almost all platforms) and contains an arena
header, a few pad bytes, and then an array of aligned elements.
...And 2 more matches
Finishing the Component
grab the right
headers, use the component or service manager to access the interface you want, and the xpcom object(s) that implement that interface will do your bidding.
...copy the
headers and idl files that you need from the content/base/public source directory of the gecko build into this new directory.
... (for weblock, all you need are the
headers for nsicontentpolicy and the nsicontentpolicy.idl.) then, using the same steps you used to create the weblock.h, create a
header from this idl file using the xpidl compiler.
...And 2 more matches
nsIHttpActivityObserver
activity subtype constants constant value description activity_subtype_request_
header 0x5001 the http request is about to be queued for sending.
... observers can look at request
headers in aextrastringdata activity_subtype_request_body_sent 0x5002 the http request's body has been sent.
... activity_subtype_response_
header 0x5004 the http response
header has arrived.
...And 2 more matches
nsIHttpChannelInternal
inherits from: nsisupports last changed in gecko 6.0 (firefox 6.0 / thunderbird 6.0 / seamonkey 2.3) method overview void getrequestversion(out unsigned long major, out unsigned long minor); void getresponseversion(out unsigned long major, out unsigned long minor); void httpupgrade(in acstring aprotocolname, in nsihttpupgradelistener alistener); void setcookie(in string acookie
header); void setupfallbackchannel(in string afallbackkey); attributes attribute type description canceled boolean returns true if and only if the channel has been canceled.
... httpupgrade() allows for the use of http to bootstrap another protocol via the rfc 2616 upgrade request
header in conjunction with a 101 level response.
...void httpupgrade( in acstring aprotocolname, in nsihttpupgradelistener alistener ); parameters aprotocolname the value of the http upgrade request
header.
...And 2 more matches
URLs - Plugins
for protocols in which the
headers must be distinguished from the body, such as http, the buffer or file should contain the
headers, followed by a blank line, then the body.
... if no custom
headers are required, simply add a blank line ('\n') to the beginning of the file or buffer.
... note: you cannot use npn_posturl to specify
headers (even a blank line) in a memory buffer.
...And 2 more matches
Ajax navigation example - Web APIs
first_page.php: <?php $page_title = "first page"; $as_json = false; if (isset($_get["view_as"]) && $_get["view_as"] == "json") { $as_json = true; ob_start(); } else { ?> <!doctype html> <html> <head> <?php include "include/
header.php"; echo "<title>" .
...trong>first_page.php</strong>.</p> <?php include "include/after_content.php"; echo "</body>\n</html>"; } ?> second_page.php: <?php $page_title = "second page"; $as_json = false; if (isset($_get["view_as"]) && $_get["view_as"] == "json") { $as_json = true; ob_start(); } else { ?> <!doctype html> <html> <head> <?php include "include/
header.php"; echo "<title>" .
...this content is stored into a php variable.</p>"; if (isset($_get["view_as"]) && $_get["view_as"] == "json") { echo json_encode(array("page" => $page_title, "content" => $page_content)); } else { ?> <!doctype html> <html> <head> <?php include "include/
header.php"; echo "<title>" .
...And 2 more matches
Using Service Workers - Web APIs
if your service worker is active on a client being served with the service-worker-allowed
header, you can specify a list of max scopes for that worker.
...the matching is done via url and vary
headers, just like with normal http requests.
...in this case, we are just returning a simple text string: new response('hello from your friendly neighbourhood service worker!'); this more complex response below shows that you can optionally pass a set of
headers in with your response, emulating standard http response
headers.
...And 2 more matches
SubtleCrypto.importKey() - Web APIs
it consists of a
header and a footer, and in between, the base64-encoded binary data.
...----- mig2ageambagbyqgsm49agegbsubbaaibigemigbagebbdau9bd0jxdff5ov380z 9vieun2w5kjdz3hbuadencxliamsoquktffaou71eldn0tshzaniaarmuhcee/cp xmjgc1roj0d0k6vluqta+jvcwigxciaukoethcngzdkcrd4pkxdbvbcijdzkvo+l ml2fikoovzh/8yetkmjumb804g6omjuc9vvojcrv0ydasmykkjmjblg= -----end private key----- to get this into a format you can give to importkey() you need to do two things: base64-decode the part between
header and footer, using window.atob().
...1or/iyakjhrr/kghutjyvcjzvaqadpjw 2g+syd1ui0b6kjov2cruwipwpff8hbfvwv8q9yc2yd5hcnykvl0iaiyn+sdak/rv 8dc5eilzci4efucbyg4c9o88qz7bs14dxsfapty8p/twoihvvjladf743lgm/jlq cdpubua3hlszuhkm3bbskd7q9ngkjv3+ybyo4/fl+fkyra8j9ypa2n0iw53lfb3b gqidaqab -----end public key----- just as with pkcs #8, to get this into a format you can give to importkey() you need to do two things: base64-decode the part between
header and footer, using window.atob().
...And 2 more matches
ARIA: gridcell role - Accessibility
aria-colindex is being used to describe the rows' position and allows a person using assistive technology to infer that certain rows have been removed: <div role="grid" aria-colcount="6"> <div role="rowgroup"> <div role="row"> <div role="column
header" aria-colindex="1">first name</div> <div role="column
header" aria-colindex="2">last name</div> <div role="column
header" aria-colindex="5">city</div> <div role="column
header" aria-colindex="6">zip</div> </div> </div> <div role="rowgroup"> <div role="row"> <div role="gridcell" aria-colindex="1">debra</div> <div role="gridcell" aria-colindex="2">burks</div> ...
... by referencing the parent elements with roles of row
header or column
header applied to them via aria-describedby, it allows assistive technology to understand the position and relationship of the gridcell element to the rest of the table-style grouping of content.
... column
header specifies which element is the associated column
header.
...And 2 more matches
Viewport concepts - CSS: Cascading Style Sheets
sticky
headers or footers, with the following styles, will stick to the top and bottom of the layout viewport respectively.
... body >
header { position: fixed; top: 0; } body > footer { position: fixed; bottom: 0; } we got the 800 x 533 measurement when we zoomed in using the keyboard.
... the
header and footer stayed flush against the top and bottom of the window.
...And 2 more matches
Getting Started - Developer guides
for example, use the following before calling send() for form data sent as a query string: httprequest.setrequest
header('content-type', 'application/x-www-form-urlencoded'); step 2 – handling the server response when you sent the request, you provided the name of a javascript function to handle the response: httprequest.onreadystatechange = nameofthefunction; what should this function do?
... note: if you're sending a request to a piece of code that will return xml, rather than a static html file, you must set response
headers to work in internet explorer.
... if you do not set
header content-type: application/xml, ie will throw a javascript "object expected" error after the line where you tried to access an xml element.
...And 2 more matches
<audio>: The Embed Audio element - HTML: Hypertext Markup Language
in other words, it sends the origin: http
header without a cookie, x.509 certificate, or performing http basic authentication.
... if the server does not give credentials to the origin site (by not setting the access-control-allow-origin: http
header), the image will be tainted, and its usage restricted.
...in other words, it sends the origin: http
header with a cookie, a certificate, or performing http basic authentication.
...And 2 more matches
<video>: The Video Embed element - HTML: Hypertext Markup Language
in other words, it sends the origin: http
header without a cookie, x.509 certificate, or performing http basic authentication.
... if the server does not give credentials to the origin site (by not setting the access-control-allow-origin: http
header), the image will be tainted, and its usage restricted.
...in other words, it sends the origin: http
header with a cookie, a certificate, or performing http basic authentication.
...And 2 more matches
HTML elements reference - HTML: Hypertext Markup Language
use the sectioning elements to create a broad outline for your page content, including
header and footer navigation, and heading elements to identify sections of content.
... <
header> the html <
header> element represents introductory content, typically a group of introductory or navigational aids.
... <th> the html <th> element defines a cell as
header of a group of table cells.
...And 2 more matches
Connection management in HTTP/1.x - HTTP
the http
headers involved in defining the connection model, like connection and keep-alive, are hop-by-hop
headers with their values able to be changed by intermediary nodes.
... this model is the default model used in http/1.0 (if there is no connection
header, or if its value is set to close).
... in http/1.1, this model is only used when the connection
header is sent with a value of close.
...And 2 more matches
List of default Accept values - HTTP
this article documents the default values for the http accept
header for specific inputs and browser versions.
...(source) safari, chrome text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8 (source) safari 5 text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 this is an improvement over earlier accept
headers as it no longer ranks image/png above text/html internet explorer 8 image/jpeg, application/x-ms-application, image/gif, application/xaml+xml, image/pjpeg, application/x-ms-xbap, application/x-shockwave-flash, application/msword, */* see ie and the accept
header (ieinternals' msdn blog).
...source safari */* chrome image/webp,image/apng,image/*,*/*;q=0.8 source internet explorer 8 or earlier */* see ie and the accept
header (ieinternals' msdn blog) internet explorer 9 image/png,image/svg+xml,image/*;q=0.8, */*;q=0.5 see fiddler is better with internet explorer 9 (ieinternals' msdn blog) values for a video when a video is requested, via the <video> html element, most browsers use specific values.
...And 2 more matches
Feature Policy - HTTP
the feature-policy
header has now been renamed to permissions-policy in the spec, and this article will eventually be updated to reflect that change.
... specifying your policy feature policy provides two ways to specify policies to control features: the feature-policy http
header.
... the primary difference between the http
header and the allow attribute is that the allow attribute only controls features within an iframe.
...And 2 more matches
Accept-Encoding - HTTP
the accept-encoding request http
header advertises which content encoding, usually a compression algorithm, the client is able to understand.
... using content negotiation, the server selects one of the proposals, uses it and informs the client of its choice with the content-encoding response
header.
...
header type request
header forbidden
header name yes syntax accept-encoding: gzip accept-encoding: compress accept-encoding: deflate accept-encoding: br accept-encoding: identity accept-encoding: * // multiple algorithms, weighted with the quality value syntax: accept-encoding: deflate, gzip;q=1.0, *;q=0.5 directives gzip a compression format using the lempel-ziv coding (lz7...
...And 2 more matches
Access-Control-Allow-Origin - HTTP
the access-control-allow-origin response
header indicates whether the response can be shared with requesting code from the given origin.
...
header type response
header forbidden
header name no syntax access-control-allow-origin: * access-control-allow-origin: <origin> access-control-allow-origin: null directives * for requests without credentials, the literal value "*" can be specified, as a wildcard; the value tells browsers to allow requesting code from any origin to access the resource.
...many user agents will grant such documents access to a response with an access-control-allow-origin: "null"
header, and any origin can create a hostile document with a "null" origin.
...And 2 more matches
Content-Encoding - HTTP
the content-encoding entity
header is used to compress the media-type.
...it lets the client know how to decode in order to obtain the media-type referenced by the content-type
header.
...
header type entity
header forbidden
header name no syntax content-encoding: gzip content-encoding: compress content-encoding: deflate content-encoding: identity content-encoding: br // multiple, in the order in which they were applied content-encoding: gzip, identity content-encoding: deflate, gzip directives gzip a format using the lempel-ziv coding (lz77), with a 32-bit crc.
...And 2 more matches
Content-Location - HTTP
the content-location
header indicates an alternate location for the returned data.
...location is a
header associated with the response, while content-location is associated with the data returned.
...
header type entity
header forbidden
header name no syntax content-location: <url> directives <url> a relative (to the request url) or absolute url.
...And 2 more matches
Cross-Origin-Opener-Policy - HTTP
the http cross-origin-opener-policy (coop) response
header allows you to ensure a top-level document does not share a browsing context group with cross-origin documents.
...
header type response
header forbidden
header name no syntax cross-origin-opener-policy: unsafe-none | same-origin-allow-popups | same-origin directives unsafe-none this is the default value.
... examples certain features depend on cross-origin isolation certain features like sharedarraybuffer objects or performance.now() with unthrottled timers are only available if your document has a coop
header with the value same-origin value set.
...And 2 more matches
DPR - HTTP
the dpr
header is a client hints
headers which represents the client device pixel ratio (dpr), which is the the number of physical device pixels corresponding to every css pixel.
...
header type request
header forbidden
header name ?
...server has to opt in to receive dpr
header from the client by sending accept-ch and accept-ch-lifetime response
headers.
...And 2 more matches
Feature-Policy - HTTP
the http feature-policy
header provides a mechanism to allow and deny the use of browser features in its own frame, and in content within any <iframe> elements in the document.
... this
header is still in an experimental state, and is subject to change at any time.
...the
header has now been renamed to permissions-policy in the spec, and this article will eventually be updated to reflect that change.
...And 2 more matches
Keep-Alive - HTTP
the keep-alive general
header allows the sender to hint about how the connection may be used to set a timeout and a maximum amount of requests.
... the connection
header needs to be set to "keep-alive" for this
header to have any meaning.
... connection-specific
header fields such as connection and keep-alive are prohibited in http/2.
...And 2 more matches
Pragma - HTTP
the pragma http/1.0 general
header is an implementation-specific
header that may have various effects along the request-response chain.
... it is used for backwards compatibility with http/1.0 caches where the cache-control http/1.1
header is not yet present.
... note: pragma is not specified for http responses and is therefore not a reliable replacement for the general http/1.1 cache-control
header, although it does behave the same as cache-control: no-cache, if the cache-control
header field is omitted in a request.
...And 2 more matches
Set-Cookie - HTTP
the set-cookie http response
header is used to send a cookie from the server to the user agent, so the user agent can send it back to the server later.
... to send multiple cookies, multiple set-cookie
headers should be sent in the same response.
... browsers block frontend javascript code from accessing the set cookie
header, as required by the fetch spec, which defines set-cookie as a forbidden response-
header name that must be filtered out from any response exposed to frontend code.
...And 2 more matches
TE - HTTP
the te request
header specifies the transfer encodings the user agent is willing to accept.
... in http/2 - the te
header field is only accepted if the trailers value is set.
... see also the transfer-encoding response
header for more details on transfer encodings.
...And 2 more matches
Trailer - HTTP
the trailer response
header allows the sender to include additional fields at the end of chunked messages in order to supply metadata that might be dynamically generated while the message body is sent, such as a message integrity check, digital signature, or post-processing status.
... the te request
header needs to be set to "trailers" to allow trailer fields.
...
header type response
header forbidden
header name yes syntax trailer:
header-names directives
header-names http
header fields which will be present in the trailer part of chunked messages.
...And 2 more matches
X-Content-Type-Options - HTTP
the x-content-type-options response http
header is a marker used by the server to indicate that the mime types advertised in the content-type
headers should not be changed and be followed.
... this
header was introduced by microsoft in ie 8 as a way for webmasters to block content sniffing that was happening and could transform non-executable mime types into executable mime types.
...make sure to set both
headers correctly.
...And 2 more matches
X-Forwarded-Proto - HTTP
the x-forwarded-proto (xfp)
header is a de-facto standard
header for identifying the protocol (http or https) that a client used to connect to your proxy or load balancer.
...to determine the protocol used between the client and the load balancer, the x-forwarded-proto request
header can be used.
... a standardized version of this
header is the http forwarded
header.
...And 2 more matches
HTTP resources and specifications - HTTP
7538 the hypertext transfer protocol status code 308 (permanent redirect) proposed standard rfc 7725 an http status code to report legal obstacles on the standard track rfc 2397 the "data" url scheme proposed standard rfc 3986 uniform resource identifier (uri): generic syntax internet standard rfc 5988 web linking defines the link
header proposed standard experimental spec hypertext transfer protocol (http) keep-alive
header informational (expired) draft spec http client hints ietf draft rfc 7578 returning values from forms: multipart/form-data proposed standard rfc 6266 use of the content-disposition
header field in the hypertext transfer protocol (http) proposed sta...
...ndard rfc 2183 communicating presentation information in internet messages: the content-disposition
header field only a subset of syntax of the content-disposition
header can be used in the context of http messages.
... proposed standard rfc 2817 upgrading to tls within http/1.1 proposed standard rfc 7540 hypertext transfer protocol version 2 (http/2) proposed standard rfc 7541 hpack:
header compression for http/2 on the standard track rfc 7838 http alternative services on the standard track rfc 7301 transport layer security (tls) application-layer protocol negotiation extension used to negotiate http/2 at the transport to save an extra request/response round trip.
...And 2 more matches
Migrating from Internal Linkage to Frozen Linkage - Archive of obsolete content
- #include "nsastring.h"- #include "nsstring.h"- #include "nsreadableutils.h"- #include "nsescape.h" + #include "nsstringapi.h" on windows, if you see the following error, you are including a
header you shouldn't be: nsstringfwd.h(60) : fatal error c1001: internal compiler error to debug this error, make in the failing directory, adding the /showincludes directive to figure out what is being included incorrectly: make -c directory/that/failed os_cppflags=-showincludes the frozen string api is similar but not identical to the nonfrozen string api.
...f promiseflatstring: nsstring firststring = somestring; nsstring secondstring = someotherstring; - nsstring combostring = firststring + secondstring; + nsstring combostring = firststring;+ combostring += secondstring; // or: combostring.append(secondstring); - nsresult rv = somefunc(promiseflatstring(combostring)); + nsresult rv = somefunc(combostring); removing the nsreadableutils.h from the
headers list also means that we would not have access to appendutf16toutf8 kind of functions.
...instead of passing getter_copies(astring) to a method expecting a character pointer out parameter, you will need to use a temporary variable and copy the result.missing
headers some
headers are included from idl files only when mozilla_internal_api is defined (actually, they shouldn't be there at all).
...the nsmsgutils.h
header for developing core mail/news code, the nsmsgutils.h
header is being enhanced to fill in some of the gaps caused by the differences between the internal and external apis.
Intercepting Page Loads - Archive of obsolete content
the channel is available to allow you to modify
headers and such.
...
headers are available on the channel.
... asubject.setrequest
header("referer", "http://example.com", false); } else if (re_url_to_cancel.test(url)) { // re_url_to_cancel is a regular expression.
... asubject.cancel(components.results.ns_binding_aborted); } } } this example shows how you can obtain the url for the request, analyze it using regular expressions, and perform actions on it such as modifying http
headers, or even canceling the request.
Migrate apps from Internet Explorer to Mozilla - Archive of obsolete content
string getallresponse
headers() returns all response
headers as one string.
... string getresponse
header(string
headername) returns the value of the specified
header.
... 2 loaded - send() has been called,
headers and status are available.
... void setrequest
header (string
headername, string
headervalue) sets an http request
header for use in the http request.
New Security Model for Web Services - Archive of obsolete content
using a soap
header for verification soap messages have a distinct processing model allowing a
header to be added that the recipient is required to understand and accept, which identifies the untrusted source of a script making a request.
... it may also be inconvenient to modify a soap service to ignore the specific verification
header.
... for example: <wsa:allow type="soapv" from="http://www.mozilla.org"/> this command allows soap requests with verification
headers from scripts loaded from the domain www.mozilla.org.
... <wsa:allow type="soapv" from="http://*.mozilla.org"/> this command allows soap requests with verification
headers from scripts loaded from the domain with host name containing mozilla.org.
Accessibility/XUL Accessibility Reference - Archive of obsolete content
keyset see keyboard shortcut tutorial listbox <label control='listid'><!--label text--></label> <listbox id="listid"> <listitem value="val" label="<!--item text-->"/> </listbox> <label control='listid2' value='<!--list label-->' /> <listbox rows="5" id='listid2'> <listcols> <listcol/> <listcol/> <listcol/> </listcols> <listhead> <list
header label="name" /> <list
header label="sex" /> <list
header label="color" /> </listhead> <listitem> <label value="<!--pearl-->" /> <label value="<!--female-->" /> <label value="<!--gray-->" /> </listitem> </listbox> i don't seem to be able to find a straightforward way to read the
header labels in jaws.
...erow> <treecell label="<!--aramis-->" /> </treerow> </treeitem> <treeitem> <treerow> <treecell label="<!--fergus-->" /> </treerow> </treeitem> </treechildren> </treeitem> </treechildren> </tree> there is no keyboard access to the column picker (the widget visually to the right of the column
headers) or the column
headers themselves (for sorting by column).
... jaws 7.10 can not read the column
headers.
...erow see tree elements that do not expose anything to screen readers/have no discovered accessibility issues yet: arrowscrollbox bbox box grippy hbox menuseparator overlay page script spacer splitter stringbundle stringbundleset vbox window elements not processed yet: action binding bindings broadcaster broadcasterset conditions content dialog dialog
header editor listcell member observes preference preferences prefpane prefwindow resizer richlistbox richlistitem resizer rule scrollbar scrollbox scrollcorner separator template textnode titlebar toolbar toolbarbutton toolbargrippy toolbaritem toolbarpalette toolbarseparator toolbarset toolbarspacer toolbarspring toolbox tooltip treeseparator triple wizard wizardpage...
NPN_PostURL - Archive of obsolete content
data in buffer cannot be posted for a protocol that requires a
header.
...you cannot use npn_posturl to specify
headers (even a blank line) in a memory buffer.
...for protocols in which the
headers must be distinguished from the body, such as http, the buffer or file should contain the
headers, followed by a blank line, then the body.
... if no custom
headers are required, simply add a blank line ('\n') to the beginning of the file or buffer.
Create Your Own Firefox Background Theme - Archive of obsolete content
how to create your own background theme themes are made up of a "
header" graphic image file, which skins the default firefox ui background.
... creating a theme
header image the
header image is displayed as the background of the top of the browser window, nestling in behind the toolbars, address bar, search bar and the tab strip.
... view a sample theme
header here.
... select text and tab colors — you can choose the tab ("background") color and foreground text color that work best with your
header image.
Preflight request - MDN Web Docs Glossary: Definitions of Web-related terms
a cors preflight request is a cors request that checks to see if the cors protocol is understood and a server is aware using specific methods and
headers.
... it is an options request, using three http request
headers: access-control-request-method, access-control-request-
headers, and the origin
header.
... for example, a client might be asking a server if it would allow a delete request, before sending a delete request, by using a preflight request: options /resource/foo access-control-request-method: delete access-control-request-
headers: origin, x-requested-with origin: https://foo.bar.org if the server allows it, then it will respond to the preflight request with an access-control-allow-methods response
header, which lists delete: http/1.1 204 no content connection: keep-alive access-control-allow-origin: https://foo.bar.org access-control-allow-methods: post, get, options, delete access-control-max-age: 86400 the prefligh...
...t response can be optionally cached for the requests created in the same url using access-control-max-age
header like in the above example.
XInclude - MDN Web Docs Glossary: Definitions of Web-related terms
href = xinclude.getattribute('href'); var parse = xinclude.getattribute('parse'); var xpointer = xinclude.getattribute('xpointer'); var encoding = xinclude.getattribute('encoding'); // e.g., utf-8 // "text/xml or application/xml or matches text/*+xml or application/*+xml" before encoding (then utf-8) var accept = xinclude.getattribute('accept'); //
header "accept: "+x var acceptlanguage = xinclude.getattribute('accept-language'); // "accept-language: "+x var xifallback = xinclude.getelementsbytagnamens('http://www.w3.org/2001/xinclude', 'fallback')[0]; // only one such child is allowed if (href === '' || href === null) { // points to same document if empty (null is equivalent to empty string) hre...
...netscape.security.privilegemanager.enableprivilege('universalxpconnect universalbrowserread'); // necessary with file:///-located files trying to reach external sites if (href !== null) { var response, responsetype; var request = new xmlhttprequest(); request.open('get', href, false); request.setrequest
header('if-modified-since', 'thu, 1 jan 1970 00:00:00 gmt'); request.setrequest
header('cache-control', 'no-cache'); if (accept) { request.setrequest
header('accept', accept); } if (acceptlanguage) { request.setrequest
header('accept-language', acceptlanguage); ...
... } switch (parse) { case 'text': // priority should be on media type: var contenttype = request.getresponse
header('content-type'); //text/xml; charset="utf-8" // send to get
headers first?
... new request apparently since cannot convert the encoding after receiving it (to know what the encoding was) var request2 = new xmlhttprequest(); request2.overridemimetype('text/plain; charset='+encodingtype); request2.open('get', href, false); request2.setrequest
header('if-modified-since', 'thu, 1 jan 1970 00:00:00 gmt'); request2.setrequest
header('cache-control', 'no-cache'); request2.send(null); response = request2[responsetype]; // update the response for processing } // replace xinclude with the res...
Fundamental CSS comprehension - Learn web development
also add three more comments at the bottom of the css file to indicate styles specific to the setup of the card container, styles specific to the
header and footer, and styles specific to the main business card contents.
... give the
header a background gradient that goes from darker to lighter, plus rounded corners that fit in with the rounded corners set on the main card container.
... new rulesets you need to write: write a ruleset that targets both the card
header, and card footer, giving them both a computed total height of 50px (including a content height of 30px and padding of 10px on all sides.) but express it in ems.
... write a ruleset that gives the <h2> an effective font size of 20px (but expressed in ems) and an appropriate line height to place it in the center of the
header's content box.
Index - Learn web development
228 html table advanced features and accessibility accessibility, advanced, article, beginner, codingscripting, html,
headers, learn, caption, nesting, scope, sumary, table, tbody, tfoot, thead there are a few other things you could learn about table html, but we have really given all you need to know at this moment in time.
... 229 html table basics article, beginner, codingscripting, html, learn, tables, basics, cell, col, colgroup, colspan,
header, row, rowspan that just about wraps up the basics of html tables.
...is it part of a table?), structure a document into logical sections (does it have a
header?
... 323 sending form data beginner, codingscripting, files, forms, guide, html, http,
headers, security, web as we'd alluded to above, sending form data is easy, but securing an application can be tricky.
Accessibility API cross-reference
checkbutton check_box check_box checkbox or switch <input type=checkbox> pretty obvious what this is for clock n/a n/a timer <time> column of cells in a table - how would the user specifically point to this, as opposed to the column
header or cells?
... column n/a n/a n/a the heading of a table's column column
header column_
header column_
header, table_column_
header column
header <th scope=col> edit control with drop down list box, different from droplist combobox combo_box combo_box combobox abstract role - a form of widget that performs an action but does not receive input data.
... log the main content of a document, distinct from complementary info,
headers, footers, navigation, asides etc.
... n/a n/a rowgroup n/a a table row
header row
header row_
header row_
header, table_row_
header row
header <th scope=row> vertical or horizontal scrollbar scrollbar scroll_bar scroll_bar scrollbar a landmark region that contains a collection of items and objects that, as a whole, combine to create a search facility.
Lightweight themes
how to create your own lightweight theme lightweight themes are made up of a "
header" graphic image file, which skins the default firefox ui background.
... creating a theme
header image the
header image is displayed as the background of the top of the browser window, nestling in behind the toolbars, address bar, search bar and the tab strip.
... view a sample theme
header here.
... select text and tab colors — you can choose the tab ("background") color and foreground text color that work best with your
header image.
Localization content best practices
for example, suppose this string needs to be changed from "event" to "add new event": new-event-
header = event add-new-event-
header is definitely a better choice for the new string than new-event-
header1.
...privacy-link = privacy terms file-wide comments should use the same format, they should be at the top of the file (after the license
header) and just drop the (entity name/key) reference.
...for example, if you're adding a new menu item in settings on android, don't use the same string for the menu item and the following screen
header.
...a developer could be tempted to reuse the same string "bookmark" in the button to add a bookmark, and in the
header for the next dialog.
NSPR Contributor Guide
header file descriptions.
... provide
header file descriptions that fully document your public typedefs, enums, macros and functions.
... see: prshm.h as an example of how your
header file(s) should be documented.
... generally useful platform abstractions you agree to sustain, bug fix may rely on the nspr api may not rely on any other library api new platform ports all nspr api items must be implemented platform specific
headers in pr/include/md/_platformname.[h!cfg] platform specific code in pr/src/md/platform/*.c make rules in config/_platform.mk documentation the files for nspr's documentation are maintained using a proprietary word processing system [don't ask].
Python binding for NSS
identifer names follow the preferred python style instead of the style in the nss/nspr c
header files.
... enumerated constants used in the nss/nspr api's are available in the python module under the exact same name as they appear in the c
header files of nss/nspr.
... setup.py build enhancements now searches for the nss and nspr
header files rather than hardcoding their location.
... add
header dependency information to setup.py so modules will be rebuilt when
header files change.
SpiderMonkey 1.8.8
including jsapi.h provides all these types, but more-specific
headers also provide these types if you wish to use them in other code.
... the file must conform to the standard c99 <stdint.h>
header interface in all respects, providing all that
header's types and macro definitions.
... (the msstdint project includes an implementation of this
header for microsoft visual studio which demonstrates what the c99 interface looks like.) otherwise, if the compiler doesn't provide a usable <stdint.h>
header, a custom implementation shipped with the spidermonkey source is used.
... in the meantime moz_custom_stdint_h is intended to function as a bridge to always using the standard
header.
SpiderMonkey 17
including jsapi.h provides all these types, but more-specific
headers also provide these types if you wish to use them in other code.
... the file must conform to the standard c99 <stdint.h>
header interface in all respects, providing all that
header's types and macro definitions.
... (the msstdint project includes an implementation of this
header for microsoft visual studio which demonstrates what the c99 interface looks like.) otherwise, if the compiler doesn't provide a usable <stdint.h>
header, a custom implementation shipped with the spidermonkey source is used.
... in the meantime moz_custom_stdint_h is intended to function as a bridge to always using the standard
header.
Using XPCOM Utilities to Make Things Easier
\ { /* 9ac9e770-18bc-11d3-9337-00104ba0fd40 */ \ 0x9ac9e770, \ 0x18bc, \ 0x11d3, \ {0x93, 0x37, 0x00, 0x10, 0x4b, 0xa0, 0xfd, 0x40} \ } the next entry is the contract id string, which is also usually defined in a #define in a
header file.
...inside the macro, the interface name expands to ns_get_iid(), which is another macro that extracts the iid from the generated
header of the interface.
... when an interface is written in xpidl, the
headers include static declarations of their iids.
... using these declaration macros not only saves a tremendous amount of time when you're writing the code, it can also save time if you make changes to your idl file, since the c++
header file will then automatically include the updated list of methods to be supported.
nsIMsgDBView
method overview void open(in nsimsgfolder folder, in nsmsgviewsorttypevalue sorttype, in nsmsgviewsortordervalue sortorder, in nsmsgviewflagstypevalue viewflags, out long count); void openwithhdrs(in nsisimpleenumerator a
headers, in nsmsgviewsorttypevalue asorttype, in nsmsgviewsortordervalue asortorder, in nsmsgviewflagstypevalue aviewflags, out long acount); void close(); void init(in nsimessenger amessengerinstance, in nsimsgwindow amsgwindow, in nsimsgdbviewcommandupdater acommandupdater); void sort(in nsmsgviewsorttypevalue sorttype, in nsmsgviewsortordervalue sortorder); void do...
... hdrforfirstselectedmessage nsimsgdbhdr readonly:
header of the first selected message.
... openwithhdrs() opens the view with a set of specified
headers.
... void openwithhdrs(in nsisimpleenumerator a
headers, in nsmsgviewsorttypevalue asorttype, in nsmsgviewsortordervalue asortorder, in nsmsgviewflagstypevalue aviewflags, out long acount); parameters a
headers a list of
headers to open, arranged in an nsisimpleenumerator.
nsIMsgFolder
ean markflagged); void markthreadread(in nsimsgthread thread); void setlabelformessages(in nsisupportsarray messages, in nsmsglabelvalue label); nsimsgdatabase getmsgdatabase(in nsimsgwindow msgwindow); void setmsgdatabase(in nsimsgdatabase msgdatabase); nsimsgdatabase getdbfolderinfoanddb(out nsidbfolderinfo folderinfo); nsimsgdbhdr getmessage
header(in nsmsgkey msgkey); boolean shouldstoremsgoffline(in nsmsgkey msgkey); boolean hasmsgoffline(in nsmsgkey msgkey); nsiinputstream getofflinefilestream(in nsmsgkey msgkey, out pruint32 offset, out pruint32 size); void downloadmessagesforoffline(in nsisupportsarray messages, in nsimsgwindow window); nsimsgfolder getchildwithuri(in acstring uri, in boolea...
... many
headerstodownload boolean readonly: used to determine if it will take a long time to download all the
headers in this folder - so that we can do folder notifications synchronously instead of asynchronously.
... methods startfolderloading() void startfolderloading(); endfolderloading() void endfolderloading(); updatefolder() get new
headers for the database.
...ead); setlabelformessages() void setlabelformessages(in nsisupportsarray messages, in nsmsglabelvalue label); getmsgdatabase() nsimsgdatabase getmsgdatabase(in nsimsgwindow msgwindow); setmsgdatabase() void setmsgdatabase(in nsimsgdatabase msgdatabase); getdbfolderinfoanddb() nsimsgdatabase getdbfolderinfoanddb(out nsidbfolderinfo folderinfo); getmessage
header() nsimsgdbhdr getmessage
header(in nsmsgkey msgkey); shouldstoremsgoffline() boolean shouldstoremsgoffline(in nsmsgkey msgkey); hasmsgoffline() boolean hasmsgoffline(in nsmsgkey msgkey); getofflinefilestream() nsiinputstream getofflinefilestream(in nsmsgkey msgkey, out pruint32 offset, out pruint32 size); dow...
nsIUploadChannel2
1.0 66 introduced gecko 1.9.2 inherits from: nsisupports last changed in gecko 1.9.2 (firefox 3.6 / thunderbird 3.1 / fennec 1.0) method overview void explicitsetuploadstream(in nsiinputstream astream, in acstring acontenttype, in long long acontentlength, in acstring amethod, in boolean astreamhas
headers); methods explicitsetuploadstream() sets a stream to be uploaded by this channel with the specified content-type and content-length
header values.
... void explicitsetuploadstream( in nsiinputstream astream, in acstring acontenttype, in long long acontentlength, in acstring amethod, in boolean astreamhas
headers ); parameters astream the stream to be uploaded by this channel.
... acontenttype this value will replace any existing content-type
header on the http request, regardless of whether or not its empty.
...astreamhas
headers true if the stream already contains
headers for the http request.
pyxpidl
the pyxpidl tool suite has been built to replace the older xpidl tool which, in the past, was used to turn xpidl files into c++
headers and xpcom typelibs (xpt files).
...unlike xpidl, which combined all the functions into a single utility, pyxpidl is comprised of two utilities:
header.py, which generates c++
headers from idl, and typelib.py, which generates xpt files.
... generating c++
headers to generate c++
headers, use the
header.py utility: sdkdir/sdk/bin/
header.py --cachedir=<path> -o <outputfilename.h> <filename.idl> generating typelibs generating typelib files is done using the typelib.py utility: sdkdir/sdk/bin/typelib.py --cachedir=<path> -o <outputfilename.xpt> <filename.idl> comparing pyxpidl to xpidl this table provides a mapping of old xpidl options to pyxpidl.
...ut (-o /tmp/nsifoo for example) -o outputfile (this isn't just the base name, but needs to include the extension; for example -o /tmp/nsifoo.idl) -e specify an explicit output file name (-e /tmp/nsifoo.idl for example) n/a (this is subsumed by -o now) -d write dependencies (requires -e) -d (unchanged) -m specify output mode n/a (feature removed; use
header.py or typelib.py specifically) it's worth noting that the old output mode options for generating documentation and java interfaces (-m doc and -m java) have no equivalents in pyxpidl.
XPIDL
note: starting in gecko 9.0, the older xpidl utility, which was previously used to generate c++
header files, typelib information, and so forth has been replaced with pyxpidl in the gecko sdk.
...the only constants supported are those which become integer types when compiled to source code; string constants and floating point constants, though parseable, cannot be made into a
header or xpt file.
... constants are emitted in
header files using anonymous enums, although there is an outstanding patch that combines adjacent constants into the same anonymous enums to quiet enum mismatch warnings.
... resources (mostly outdated) some unsorted notes including a keyword list xpidl is a tool for generating c++
headers, java interfaces, xpconnect typelibs, and html documentation from xpidl files generating xpt files on windows a google groups post with instructions on how to use variable-length argument lists using xpidl.
Creating a gloda message query
gloda.daterange([lowerdate1, upperdate1], [lowerdate2, upperdate2], ...): add the constraint that the message date (per the message's date
header) must fall within one of the specified inclusive ranges.
... somewhat magic attributes:
headermessageid: the contents of the message-id
header of the message.
... gloda.getmessagecollectionfor
header(amsrhdr, alistener, adata) returns a collection (with your provided listener and data).
...(a duplicate message is a message with the same message-id
header.) ...
Mail composition back end
this will contain all of the relevant
header information for message creation prbool digest_p, - this is a flag that says that most of the documents we are attaching are themselves messages, and so we should generate a multipart/digest container instead of multipart/mixed.
...this will contain all of the relevant
header information for message delivery nsfilespec *sendfilespec, - the file spec for the message being sent prbool deletesendfileoncompletion, - tell the back end if it should delete the file upon successful completion prbool digest_p, - this i...
...this will contain all of the relevant
header information for message delivery nsiuri *url, - the uri of the message composition fields.
... this will contain all of the relevant
header information for message delivery nsmsgdelivermode mode, - mode is the delivery mode.
Request() - Web APIs
headers: any
headers you want to add to your request, contained within a
headers object or an object literal with bytestring values.
...flowers.jpg'); fetch(myrequest).then(function(response) { return response.blob(); }).then(function(response) { var objecturl = url.createobjecturl(response); myimage.src = objecturl; }); in our fetch request with init example (see fetch request init live) we do the same thing except that we pass in an init object when we invoke fetch(): var myimage = document.queryselector('img'); var my
headers = new
headers(); my
headers.append('content-type', 'image/jpeg'); var myinit = { method: 'get',
headers: my
headers, mode: 'cors', cache: 'default' }; var myrequest = new request('flowers.jpg',myinit); fetch(myrequest).then(function(response) { ...
...}); you can also use an object literal as
headers in init.
... var myinit = { method: 'get',
headers: { 'content-type': 'image/jpeg' }, mode: 'cors', cache: 'default' }; var myrequest = new request('flowers.jpg', myinit); you may also pass a request object to the request() constructor to create a copy of the request (this is similar to calling the clone() method.) var copy = new request(myrequest); note: this last usage is probably only useful in serviceworkers.
Response.type - Web APIs
it can be one of the following: basic: normal, same origin response, with all
headers exposed except “set-cookie” and “set-cookie2″.
...certain
headers and the body may be accessed.
...the response’s status is 0,
headers are empty and immutable.
...the response's status is 0,
headers are empty, body is null and trailer is empty.
XMLHttpRequest.readyState - Web APIs
2
headers_received send() has been called, and
headers and status are available.
...during this state, the request
headers can be set using the setrequest
header() method and the send() method can be called which will initiate the fetch.
...
headers_received send() has been called and the response
headers have been received.
...instead of unsent, opened,
headers_received, loading and done, the names readystate_uninitialized (0), readystate_loading (1), readystate_loaded (2), readystate_interactive (3) and readystate_complete (4) are used.
WAI-ARIA Roles - Accessibility
this role can be used in combination with the aria-pressed attribute to create toggle buttons.aria: cell rolethe cell value of the aria role attribute identifies an element as being a cell in a tabular container that does not contain column or row
header information.
...a row contains one or more cells, grid cells or column
headers, and possibly a row
header, within a grid, table or treegrid, and optionally within a rowgroup.aria: rowgroup rolean element with role="rowgroup" is a group of rows within a tabular structure.
... a rowgroup contains one or more rows of cells, grid cells, column
headers, or row
headers within a grid, table or treegrid.aria: search rolethe search landmark role is used to identify a section of the page used to search the page, site, or collection of sites.aria: suggestion rolethe suggestion landmark role semantically denotes a single proposed change to an editable document.
... alertdialog banner combobox command column
header (estelle) complementary composite definition directory feed gridcell (eric e) group input landmark link - old page listbox log - old page marquee math menu menubar menuitem menuitemcheckbox menuitemradio none note option presentation progressbar - old page radio - old page radiogroup range region roletype row
header(estelle) scrollbar searchbox section sectionhea...
:is() (:matches(), :any()) - CSS: Cascading Style Sheets
/* selects any paragraph inside a
header, main or footer element that is being hovered */ :is(
header, main, footer) p:hover { color: red; cursor: pointer; } /* the above is equivalent to the following */
header p:hover, main p:hover, footer p:hover { color: red; cursor: pointer; } /* backwards-compatible version with :-*-any() and :matches() (it is not possible to group selectors into single rule, because presence of ...
...invalid selector would invalidate whole rule.) */ :-webkit-any(
header, main, footer) p:hover { color: red; cursor: pointer; } :-moz-any(
header, main, footer) p:hover { color: red; cursor: pointer; } :matches(
header, main, footer) p:hover { color: red; cursor: pointer; } syntax :is( <complex-selector-list> )where <complex-selector-list> = <complex-selector>#where <complex-selector> = <compound-selector> [ <combinator>?
...'='<attr-modifier> = i | s examples cross-browser example <
header> <p>this is my
header paragraph</p> </
header> <main> <ul> <li><p>this is my first</p><p>list item</p></li> <li><p>this is my second</p><p>list item</p></li> </ul> </main> <footer> <p>this is my footer paragraph</p> </footer> :-webkit-any(
header, main, footer) p:hover { color: red; cursor: pointer; } :-moz-any(
header, main, footer) p:hover { color: red; cursor: pointer;...
... } :matches(
header, main, footer) p:hover { color: red; cursor: pointer; } :is(
header, main, footer) p:hover { color: red; cursor: pointer; } let matcheditems; try { matcheditems = document.queryselectorall(':is(
header, main, footer) p'); } catch(e) { try { matcheditems = document.queryselectorall(':matches(
header, main, footer) p'); } catch(e) { try { matcheditems = document.queryselectorall(':-webkit-any(
header, main, footer) p'); } catch(e) { try { matcheditems = document.queryselectorall(':-moz-any(
header, main, footer) p'); } catch(e) { console.log('your browser doesn\'t support :is(), :matches(), or :any()'); } } } } matcheditems.foreach(applyhandler); function applyhandler(elem) { elem.addeventlistener('click...
Using CSS animations - CSS: Cascading Style Sheets
this causes the first frame of the animation to have the
header drawn off the right edge of the browser window.
...this causes the
header to finish its animation flush against the left edge of the content area.
...let’s say we want the
header’s font size to increase as it moves from right to left for a while, then to decrease back to its original size.
...0%; } 75% { font-size: 300%; margin-left: 25%; width: 150%; } to { margin-left: 0%; width: 100%; } } <p>the caterpillar and alice looked at each other for some time in silence: at last the caterpillar took the hookah out of its mouth, and addressed her in a languid, sleepy voice.</p> this tells the browser that 75% of the way through the animation sequence, the
header should have its left margin at 25% and the width should be 150%.
Layout using named grid lines - CSS: Cascading Style Sheets
apper > div { border: 2px solid #ffa94d; border-radius: 5px; background-color: #ffd8a8; padding: 1em; color: #d9480f; } .wrapper { display: grid; grid-template-columns: repeat(9, 1fr); grid-auto-rows: minmax(100px, auto); grid-template-areas: "hd hd hd hd hd hd hd hd hd" "sd sd sd main main main main main main" "ft ft ft ft ft ft ft ft ft"; } .
header { grid-area: hd; } .footer { grid-area: ft; } .content { grid-area: main; } .sidebar { grid-area: sd; } .wrapper > div.overlay { z-index: 10; grid-column: main-start / main-end; grid-row: hd-start / ft-end; border: 4px solid rgb(92,148,13); background-color: rgba(92,148,13,.4); color: rgb(92,148,13); font-size: 150%; } <div class="wrapper"> <div class="
header">
header...
...for example, to create a three column layout with a
header and footer, i might have the following markup.
... * {box-sizing: border-box;} .wrapper { border: 2px solid #f76707; border-radius: 5px; background-color: #fff4e6; } .wrapper > * { border: 2px solid #ffa94d; border-radius: 5px; background-color: #ffd8a8; padding: 1em; color: #d9480f; } <div class="wrapper"> <
header class="main-
header">i am the
header</
header> <aside class="side1">i am sidebar 1</aside> <article class="content">i am the main article</article> <aside class="side2">i am sidebar 2</aside> <footer class="main-footer">i am the footer</footer> </div> i could then place this on my grid layout framework like this.
... .main-
header, .main-footer { grid-column: col-start / span 12; } .side1 { grid-column: col-start / span 3; grid-row: 2; } .content { grid-column: col-start 4 / span 6; grid-row: 2; } .side2 { grid-column: col-start 10 / span 3; grid-row: 2; } once again, the grid highlighter is helpful to show us how the grid we have placed our items on works.
<td>: The Table Data Cell element - HTML: Hypertext Markup Language
headers this attribute contains a list of space-separated strings, each corresponding to the id attribute of the <th> elements that apply to this element.
...each string is the id of a group of cells that this
header applies to.
... scope this enumerated attribute defines the cells that the
header (defined in the <th>) element relates to.
... only use this attribute with the <th> element to define the row or column for which it is a
header.
Basics of HTTP - HTTP
on top of these basic concepts, numerous extensions have been developed over the years that add updated functionality and semantics with new http methods or
headers.
... separating identity and location of a resource: the alt-svc http
header most of the time the identity and location of a web resource are shared, this can be changed with the alt-svc
header.
...this article explains how this is accomplished using the content-type
header and the mime standard.
... content negotiation http introduces a set of
headers, starting with accept as a way for a browser to announce the format, language, or encoding it prefers.
Accept-Ranges - HTTP
the accept-ranges response http
header is a marker used by the server to advertise its support of partial requests.
... in presence of an accept-ranges
header, the browser may try to resume an interrupted download, rather than to start it from the start again.
...
header type response
header forbidden
header name no syntax accept-ranges: <range-unit> accept-ranges: none directives <range-unit> defines the range unit the server supports.
... none no range unit is supported, this makes the
header equivalent of its own absence and is therefore rarely used, though some browsers, like ie9, it is used to disable or remove the pause buttons in the download manager.
Accept - HTTP
the accept request http
header advertises which content types, expressed as mime types, the client is able to understand.
... using content negotiation, the server then selects one of the proposals, uses it and informs the client of its choice with the content-type response
header.
... browsers set adequate values for this
header depending on the context where the request is done: when fetching a css stylesheet a different value is set for the request than when fetching an image, video or a script.
...
header type request
header forbidden
header name no cors-safelisted request
header yes, with the additional restriction that values can't contain a cors-unsafe request
header byte: 0x00-0x1f (except 0x09 (ht)), "():<>?@[\]{}, and 0x7f (del).
Age - HTTP
the age
header contains the time in seconds the object has been in a proxy cache.
... the age
header is usually close to zero.
... if it is age: 0, it was probably just fetched from the origin server; otherwise it is usually calculated as a difference between the proxy's current date and the date general
header included in the http response.
...
header type response
header forbidden
header name no syntax age: <delta-seconds> directives <delta-seconds> a non-negative integer, representing time in seconds the object has been in a proxy cache.
Allow - HTTP
the allow
header lists the set of methods supported by a resource.
... this
header must be sent if the server responds with a 405 method not allowed status code to indicate which request methods can be used.
... an empty allow
header indicates that the resource allows no request methods, which might occur temporarily for a given resource, for example.
...
header type entity
header forbidden
header name no syntax allow: <http-methods> directives <http-methods> the comma-separated list of allowed http request methods.
Clear-Site-Data - HTTP
the clear-site-data
header clears browsing data (cookies, storage, cache) associated with the requesting website.
...
header type response
header forbidden
header name no syntax the clear-site-data
header accepts one or more directives.
...if more data types are added in future versions of this
header, they will also be covered by it.
...you can achieve that by adding the clear-site-data
header when sending the page confirming that logging out from the site has been accomplished successfully (https://example.com/logout, for example): clear-site-data: "cache", "cookies", "storage", "executioncontexts" clearing cookies if this
header is delivered with the response at https://example.com/clear-cookies, all cookies on the same domain https://example.com and any subdomains (like https://stage.example.com, etc), will be cleared out.
Content-Language - HTTP
the content-language entity
header is used to describe the language(s) intended for the audience, so that it allows a user to differentiate according to the users' own preferred language.
...multiple language tags are also possible, as well as applying the content-language
header to various media types and not only to textual documents.
...
header type entity
header forbidden
header name no cors-safelisted response
header yes cors-safelisted request
header yes, with the additional restriction that values can only be 0-9, a-z, a-z, space or *,-.;=.
... <html lang="de"> do not use this meta element like this for stating a document language: <!-- /!\ this is bad practice --> <meta http-equiv="content-language" content="de"> indicating a target audience for a resource the content-language
header is used to specify the intended audience of the page, and can indicate that this is more than one language.
Digest - HTTP
the digest response http
header provides a digest of the requested resource.
...the selected representation depends on the content-type and content-encoding
header values: so a single resource may have multiple different digest values.
...
header type response
header forbidden
header name no syntax digest: <digest-algorithm>=<digest-value> digest: <digest-algorithm>=<digest-value>,<digest-algorithm>=<digest-value> directives <digest-algorithm> supported digest algorithms are defined in rfc 3230 and rfc 5843, and include sha-256 and sha-512.
... examples digest: sha-256=x48e9qookqqrvdts8nojrjn3owduoywxbf7kbu9dbpe= digest: sha-256=x48e9qookqqrvdts8nojrjn3owduoywxbf7kbu9dbpe=,unixsum=30637 specifications specification title draft-ietf-httpbis-digest-
headers-latest resource digests for http this
header was originally defined in rfc 3230, but the definition of "selected representation" in rfc 7231 made the original definition inconsistent with current http specifications.
Expect-CT - HTTP
the expect-ct
header lets sites opt in to reporting and/or enforcement of certificate transparency requirements, to prevent the use of misissued certificates for that site from going unnoticed.
... be satisfied via any one of the following mechanisms: x.509v3 certificate extension to allow embedding of signed certificate timestamps issued by individual logs a tls extension of type signed_certificate_timestamp sent during the handshake supporting ocsp stapling (that is, the status_request tls extension) and providing a signedcertificatetimestamplist when a site enables the expect-ct
header, they are requesting that the browser check that any certificate for that site appears in public ct logs.
... browsers ignore the expect-ct
header over http; the
header only has effect on https connections.
...
header type response
header forbidden
header name yes syntax expect-ct: report-uri="<uri>", enforce, max-age=<age> directives max-age the number of seconds after reception of the expect-ct
header field during which the user agent should regard the host of the received message as a known expect-ct host.
From - HTTP
the from request
header contains an internet email address for a human user who controls the requesting user agent.
...a crawler), the from
header should be sent, so you can be contacted if problems occur on servers, such as if the robot is sending excessive, unwanted, or invalid requests.
... you shouldn't use the from
header for access control or authentication.
...
header type request
header forbidden
header name no syntax from: <email> directives <email> a machine-usable email address.
Host - HTTP
the host request
header specifies the host and port number of the server to which the request is being sent.
... a host
header field must be sent in all http/1.1 request messages.
... a 400 (bad request) status code may be sent to any http/1.1 request message that lacks a host
header field or that contains more than one.
...
header type request
header forbidden
header name yes syntax host: <host>:<port> directives <host> the domain name of the server (for virtual hosting).
If-Match - HTTP
the if-match http request
header makes the request conditional.
... there are two common use cases: for get and head methods, used in combination with a range
header, it can guarantee that the new ranges requested comes from the same resource than the previous one.
...
header type request
header forbidden
header name no syntax if-match: <etag_value> if-match: <etag_value>, <etag_value>, … directives <etag_value> entity tags uniquely representing the requested resources.
...however, in an if-match
header, weak entity tags will never match.
Last-Modified - HTTP
the last-modified response http
header contains the date and time at which the origin server believes the resource was last modified.
...less accurate than an etag
header, it is a fallback mechanism.
... conditional requests containing if-modified-since or if-unmodified-since
headers make use of this field.
...
header type response
header forbidden
header name no cors-safelisted response
header yes syntax last-modified: <day-name>, <day> <month> <year> <hour>:<minute>:<second> gmt directives <day-name> one of "mon", "tue", "wed", "thu", "fri", "sat", or "sun" (case-sensitive).
Location - HTTP
the location response
header indicates the url to redirect a page to.
... all responses with one of these status codes send a location
header.
...location is a
header associated with the response, while content-location is associated with the entity returned.
...
header type response
header forbidden
header name no syntax location: <url> directives <url> a relative (to the request url) or absolute url.
Public-Key-Pins - HTTP
note: public key pinning mechanism was deprecated in favor of certificate transparency and expect-ct
header.
... the http public-key-pins response
header used to associate a specific cryptographic public key with a certain web server to decrease the risk of mitm attacks with forged certificates, however, it has been removed from modern browsers and is no longer supported.
... use certificate transparency and expect-ct
header instead.
...
header type response
header forbidden
header name no syntax public-key-pins: pin-sha256="<pin-value>"; max-age=<expire-time>; includesubdomains; report-uri="<uri>" directives pin-sha256="<pin-value>" the quoted string is the base64 encoded subject public key information (spki) fingerprint.
Range - HTTP
the range http request
header indicates the part of a document that the server should return.
... several parts can be requested with one range
header at once, and the server may send back these ranges in a multipart document.
...the server can also ignore the range
header and return the whole document with a 200 status code.
...
header type request
header forbidden
header name no syntax range: <unit>=<range-start>- range: <unit>=<range-start>-<range-end> range: <unit>=<range-start>-<range-end>, <range-start>-<range-end> range: <unit>=<range-start>-<range-end>, <range-start>-<range-end>, <range-start>-<range-end> range: <unit>=-<suffix-length> directives <unit> the unit in which ranges are specified.
Sec-WebSocket-Accept - HTTP
the sec-websocket-accept
header is used in the websocket opening handshake.
... it would appear in the response
headers.
... that is, this is
header is sent from server to client to inform that server is willing to initiate a websocket connection.
...
header type response
header forbidden
header name no syntax sec-websocket-accept: <hashed key> directives <hashed key> the server takes the value of the sec-websocket-key sent in the handshake request, appends 258eafa5-e914-47da-95ca-c5ab0dc85b11, takes sha-1 of the new value, and is then base64 encoded.
WWW-Authenticate - HTTP
the http www-authenticate response
header defines the authentication method that should be used to gain access to a resource.
... the www-authenticate
header is sent along with a 401 unauthorized response.
...
header type response
header forbidden
header name no syntax www-authenticate: <type> realm=<realm>[, charset="utf-8"] directives <type> authentication type.
... examples typically, a server response contains a www-authenticate
header that looks like these: www-authenticate: basic www-authenticate: basic realm="access to the staging site", charset="utf-8" see also http authentication for examples on how to configure apache or nginx servers to password protect your site with http basic authentication.
X-DNS-Prefetch-Control - HTTP
the x-dns-prefetch-control http response
header controls dns prefetching, a feature by which browsers proactively perform domain name resolution on both links that the user may choose to follow as well as urls for items referenced by the document, including images, css, javascript, and so forth.
...
header type response
header forbidden
header name no syntax x-dns-prefetch-control: on x-dns-prefetch-control: off directives on enables dns prefetching.
... this is what browsers do, if they support the feature, when this
header is not present off disables dns prefetching.
... examples turning on and off prefetching you can either send the x-dns-prefetch-control
header server-side, or from individual documents, using the http-equiv attribute on the <meta> element, like this: <meta http-equiv="x-dns-prefetch-control" content="off"> you can reverse this setting by setting content to "on".
Authoring MathML - MathML
to use it, just insert one line in your document
header: <script src="https://fred-wang.github.io/mathml.css/mspace.js"></script> if you need more complex constructions, you might instead consider using the heavier mathjax library as a mathml polyfill: <script src="https://fred-wang.github.io/mathjax.js/mpadded-min.js"></script> note that these two scripts perform feature detection of the mspace or mpadded elements (see the browser compatibility t...
... pros: this is very easy setup: only a few javascript and css files to upload and/or a link to add to your document
header.
...the installation is similar: copy latexmathml.js and latexmathml.standardarticle.css, add links in the
header of your document and the latex content of your web page marked by the "latex" class will be automatically parsed and converted to html+mathml: <head> ...
...the installation is similar: download and copy the relevant javascript and css files on your web site and reference them in your page
header (see the copy-me.html file from the zip archive for an example).
Autoplay guide for media and Web Audio APIs - Web media technologies
the http feature-policy
header's autoplay directive is used to control which domains, if any, can be used to autoplay media.
... example: allowing autoplay only from the document's domain to use the feature-policy
header to only allow media to autoplay from the document's origin: feature-policy: autoplay 'self' to do the same for an <iframe>: <iframe src="mediaplayer.html" allow="autoplay 'src'"> </iframe> example: allowing autoplay and fullscreen mode adding fullscreen api permission to the previous example results in a feature-policy
header like the following if fullscreen access is allowed regard...
... feature-policy: autoplay 'self'; fullscreen the same permissions, grated using the <iframe> element's allow property, look like this: <iframe src="mediaplayer.html" allow="autoplay 'src'; fullscreen"> </iframe> example: allowing autoplay from specific sources the feature-policy
header to allow media to be played from both the document's (or <iframe>'s) own domain and https://example.media looks like this: feature-policy: autoplay 'self' https://example.media an <iframe> can be written to specify that this autoplay policy should be applied to itself and any child frames would be written thusly: <iframe width="300" height="200" src="mediaplayer.html" allow="autoplay 'src' https://example.media...
...the http
header is: feature-policy: autoplay 'none' using the <iframe>'s allow attribute: <iframe src="mediaplayer.html" allow="autoplay 'none'"> </iframe> best practices tips and recommended best practices to help you make the most of working with autoplay are offered here.
Getting started - SVG: Scalable Vector Graphics
for normal svg files, servers should send the http
headers: content-type: image/svg+xml vary: accept-encoding for gzip-compressed svg files, servers should send the http
headers: content-type: image/svg+xml content-encoding: gzip vary: accept-encoding you can check that your server is sending the correct http
headers with your svg files by using the network monitor panel or a site such as websniffer.cc.
... submit the url of one of your svg files and look at the http response
headers.
... if you find that your server is not sending the
headers with the values given above, then you should contact your web host.
...if your server is not configured to send the correct
headers with the svg files it serves, then firefox will most likely show the markup of the files as text or encoded garbage, or even ask the viewer to choose an application to open them.
Dialogs and Prompts - Archive of obsolete content
using <dialog
header> you can use the dialog
header element to add "
headers" to windows.
...the
header to the right of the sections buttons is made with <dialog
header>: <dialog
header title="general" description="whatever"/> note, that you should only use this element in a <dialog>, because otherwise it may be not styled properly.
... programmatic button access if you want to access the accept ("ok") and cancel buttons from script, use this: // disable the ok and cancel btns document.documentelement.getbutton("accept").disabled = true; document.documentelement.getbutton("cancel").disabled = true; links dialog.xml — xbl bindings for <dialog> and <dialog
header> elements.
Using Dependent Libraries In Extension Components - Archive of obsolete content
static void* lookupsymbol(const mach_
header* alib, const char* asymbolname); extern "c" ns_export nsresult nsgetmodule(nsicomponentmanager* acompmgr, nsifile* alocation, nsimodule* *aresult) { nsresult rv; // this is not the real component.
... } library->setnativeleafname(ns_literal_cstring(krealcomponent)); rv = library->getnativepath(path); if (ns_failed(rv)) return rv; const mach_
header * componentlib = nsaddimage(path.get(), nsaddimage_option_return_on_error | nsaddimage_option_with_searching | nsaddimage_option_match_filename_by_installname); if (componentlib == null) return ns_error_unexpected; //find the nsgetmodule procedure of the real component and “pass the buck”.
...static void* lookupsymbol(const mach_
header* alib, const char* asymbolname) { nssymbol sym = nsnull; if (alib) { sym = nslookupsymbolinimage(alib, asymbolname, nslookupsymbolinimage_option_bind | nslookupsymbolinimage_option_return_on_error); } if (!sym) return nsnull; return nsaddressofsymbol(sym); } notes code samples are licensed under the mit license.
Inner-browsing extending the browser navigation paradigm - Archive of obsolete content
webmail application the flexibility to easily access and manage all message
headers in mail applications (like netscape mail or eudora) is probably one of the useful features when compared with web-based mail applications.
...you receive a new page with the next block of message
headers.
...with inner browsing, a simple request to retrieve the next set of message
headers that replace the currently viewed message
headers can dramatically improve user experience.
Compiling The npruntime Sample Plugin in Visual Studio - Archive of obsolete content
that the resulting dll filename must start with "np", so either call your project like this or rename the file later delete the .cpp and .h and readme files from the project and disk (if you did not create an empty project) copy the npruntime sample plugin source code into the dir of the new vs project and add the files to the project using the vs gui (.cpp files to "source files", .h files to "
header files", .rc file to "resource files").
... add the npapi sdk include path (example : c:\npapi-sdk\
headers) to project properties|(all configurations)|c++|general|additional include directories.
... add the following preprocessor definitions to project properties|(all configurations)|c++|preprocessor|preprocessor definitions: win32;_windows;xp_win32;xp_win;_x86_;npsimple_exports disable precompiled
headers using project properties|(all configurations)|c++|precompiled
headers|create/use precompiled
header.
Hidden prefs - Archive of obsolete content
mail composition "other
header" pref ("mail.compose.other.
header") the format for this a comma delimited list of mail
headers, like "approved,x-no-archive" an example for your prefs.js would be: user_pref("mail.compose.other.
header", "approved"); this will cause "approved" to show up in the compose window address picker, under to:, cc:, bcc:, newsgroup:, etc.
... for example: when that mail gets sent, approved: test@test.com will be in the message in the
headers.
...| mail & newsgroups | addressing" "other compose
header" pref from mailnews.js: // you can specify a comma delimited list of optional
headers // this will show up in the address picker in the compose window // examples: "x-face" or "approved" pref("mail.compose.other.
header", "approved,x-no-archive"); ...
Message Summary Database - Archive of obsolete content
message
headers the message
header object implements the nsimsgdbhdr interface.
... this includes a set of per-message flags, the more commonly used
headers (e.g., subject, sender, from, to, cc, date, etc), and a few other attributes, e.g., keywords.
... there are a set of generic property methods so that core code and extensions can set attributes on msg
headers without changing nsimsghdr.idl.msg threads we store thread information persistently in the database and expose these object through the [nsimsgthread interface.
New Skin Notes - Archive of obsolete content
--dria
headers need a little padding.
...--dria
headers which are also links that point to as-yet-unwritten wiki pages are colored as though they actually do exist.
... skin designed with simplicity in mind -- minimal
header, nav, footer -- plausibly good for alternate or small screen display, or people who prefer more straight-up formatting for on-screen docs.
Table Cellmap - Archive of obsolete content
tables with footers,
headers etc.
... take the same table and adder a
header <table> <thead> <tr><td>head cell 1</td><td>head cell 2</td></tr> </thead> <tbody> <tr><td>cell 1</td><td>cell 2</td></tr> <tr><td>cell 3</td><td>cell 4</td></tr> </tbody> </table> now we have two different rowgroups and and the rowspans can not cross the borders between the different rowgroups.
...further the table
header and footer will be repeated on every page when printed out.
treecol.src - Archive of obsolete content
« xul reference home src type: uri set this attribute to have the treecol element use an image for the
header instead of a label.
... you cannot have both an image and a label displayed in the
header.
... set this to the url of an image to appear on the tree column
header.
Sorting Results - Archive of obsolete content
the user can change the sort column and direction by clicking the column
headers, however, you can programmatically change the sort as well.
...if the tree is sorted by name, and the user clicks on the date column
header, the sort will change to the date column.
...the tree will change both attributes as necessary automatically when the column
headers are clicked or the tree is sorted by other means.
More Tree Features - Archive of obsolete content
(note the mixed case.) if set to true, the user may drag the column
headers around to rearrange the order of the columns.
...a small notch will appear in between each column
header which the user may drag to change the width of a column.
...the user can choose to show the column by selecting it from the drop-down on the end of the
header row.
XUL Questions and Answers - Archive of obsolete content
the following is the code they wrote: <?xml version="1.0"?> <?xml-stylesheet href="chrome://global/skin/" type="text/css"?> <window id="test-window" title="check list test" xmlns:html="http://www.w3.org/1999/xhtml" xmlns="http://www.mozilla.org/keymaster/gat...re.is.only.xul"> <listbox rows="4"> <listhead> <list
header label="multi-column"/> </listhead> <listcols> <listcol flex="1"/> </listcols> <listitem> <listcell type="checkbox" value="1" label="vghkvghk"/> </listitem> <listitem> <listcell type="checkbox" value="2" label="vghjkvk" checked="true"/> </listitem> <listitem> <listcell type="checkbox" value="3" label="hukfzgjcfj" disabled="true"/> </listitem> </listbox> <l...
...istbox rows="4"> <listhead> <list
header label="single-column"/> </listhead> <listitem type="checkbox" value="1" label="vghkvghk"/> <listitem type="checkbox" value="2" label="vghjkvk" checked="true"/> <listitem type="checkbox" value="3" label="hukfzgjcfj" disabled="true"/> </listbox> </window> list box handlers can only check for listitems not listcells.
... too specific questions or unclear answers how do i remove the file location
header included in the default printing setting?
XUL Reference - Archive of obsolete content
« xul reference « alphabetical list of all xul elements action arrowscrollbox assign bbox binding bindings box broadcaster broadcasterset button browser checkbox caption clicktoscroll colorpicker column columns commandset command conditions content datepicker deck description dialog dialog
header dropmarker editor grid grippy groupbox hbox iframe image key keyset label listbox listcell listcol listcols listhead list
header listitem member menu menubar menuitem menulist menupopup menuseparator notification notificationbox observes overlay page panel param popupset preference preferences prefpane prefwindow progressmeter query queryset radio radiogroup resizer richlistbox richlistitem row rows rule scale script...
...anels tabs controls --- text and images label caption image lists --- trees --- layout --- templates --- scripting --- helper elements other xul lists dialog overlay page window wizard wizardpage preference preferences prefpane prefwindow browser tabbrowser editor iframe titlebar resizer statusbar statusbarpanel dialog
header notification notificationbox menubar menu menuitem menuseparator menupopup panel tooltip popupset toolbar toolbarbutton toolbargrippy toolbaritem toolbarpalette toolbarseparator toolbarset toolbarspacer toolbarspring toolbox tabbox tabs tab tabpanels tabpanel groupbox caption separator spacer button checkbox colorpicker datepicker menulist progressmeter radio ...
...radiogroup scale splitter textbox textbox (firefox autocomplete) textbox (mozilla autocomplete) timepicker description label image listbox listitem listcell listcol listcols listhead list
header richlistbox richlistitem tree treecell treechildren treecol treecols treeitem treerow treeseparator box hbox vbox bbox deck stack grid columns column rows row scrollbox action assign binding bindings conditions content member param query queryset rule template textnode triple where script commandset command broadcaster broadcasterset observes key keyset stringbundle stringbundleset arrowscrollbox dropmarker grippy scrollbar scrollcorner spinbuttons all attributes all properties all methods attributes defined for all xul elements sty...
listhead - Archive of obsolete content
« xul reference home [ examples | attributes | properties | methods | related ] a
header row of a listbox.
... it is usual to place list
header elements inside the listhead, one for each column.
...), isequalnode, issamenode, issupported(), lookupnamespaceuri, lookupprefix, normalize(), queryselector(), queryselectorall(), removeattribute(), removeattributenode(), removeattributens(), removechild(), removeeventlistener(), replacechild(), setattribute(), setattributenode(), setattributenodens(), setattributens(), setuserdata related elements listbox, listcell, listcol, listcols, list
header, listitem ...
tree - Archive of obsolete content
relevant accessbility guidelines provide alternative access (for example, via menus) to column picker and for
header behaviors like sorting (these have no default keyboard access).
... enablecolumndrag type: boolean when set to true, the user may drag the column
headers around to change the order in which they are displayed.
... enablecolumndrag type: boolean when set to true, the user may drag the column
headers around to change the order in which they are displayed.
Using XForms and PHP - Archive of obsolete content
to do that, you need to use the
header() php function: <?php
header("content-type: application/xhtml+xml; charset=utf-8"); ...
... ?> but remember this (quote from php documentation): remember that
header() must be called before any actual output is sent, either by normal html tags, blank lines in a file, or from php.
... it is a very common error to read code with include(), or require(), functions, or another file access function, and have spaces or empty lines that are output before
header() is called.
Cacheable - MDN Web Docs Glossary: Definitions of Web-related terms
a response to a post or patch request can also be cached if freshness is indicated and the content-location
header is set, but this is rarely implemented.
... there are specific
headers in the response, like cache-control, that prevents caching.
...moreover, it invalidates cached data for request to the same uri done via head or get: put /pagex.html http/1.1 (…) 200 ok (…) a specific cache-control
header in the response can prevent caching: get /pagex.html http/1.1 (…) 200 ok cache-control: no-cache (…) ...
WAI-ARIA basics - Learn web development
let's look at an example — our website-no-roles example (see it live) has the following structure: <
header> <h1>...</h1> <nav> <ul>...</ul> <form> <!-- search form --> </form> </nav> </
header> <main> <article>...</article> <aside>...</aside> </main> <footer>...</footer> if you try testing the example with a screenreader in a modern browser, you'll already get some useful information.
... for example, voiceover gives you the following: on the <
header> element — "banner, 2 items" (it contains a heading and the <nav>).
...you can try taking a copy of our original files (see index.html and style.css), or navigating to our website-aria-roles example (see it live), which has a structure like this: <
header> <h1>...</h1> <nav role="navigation"> <ul>...</ul> <form role="search"> <!-- search form --> </form> </nav> </
header> <main> <article role="article">...</article> <aside role="complementary">...</aside> </main> <footer>...</footer> we've also given you a bonus feature in this example — the <input> element has been given the attribute aria-label, which gives it a ...
Styling tables - Learn web development
set borders on table elements, they will all have spacing between them, as the below image illustrates: this doesn't look very nice (although it might be the look you want, who knows?) with border-collapse: collapse; set, the borders collapse down into one, which looks much better: we've put a border around the whole table, which is needed because we'll be putting some borders round the table
header and footer later on — it looks really odd and disjointed when you don't have a border round the whole outside of the table and end up with gaps.
... we've added a background-image to the <thead> and <tfoot>, and changed the color of all the text inside the
header and footer to white (and given it a text-shadow) so it is readable.
... we've also added a linear gradient to the <th> and <td> elements inside the
header and footer for a nice bit of texture, as well as giving those elements a bright purple border.
Sending forms through JavaScript - Learn web development
something went wrong.' ); } ); // set up our request xhr.open( 'post', 'https://example.com/cors.php' ); // add the required http
header for form data post requests xhr.setrequest
header( 'content-type', 'application/x-www-form-urlencoded' ); // finally, send our data.
...something went wrong.' ); } ); // set up our request xhr.open( 'post', 'https://example.com/cors.php' ); // send our formdata object; http
headers are set automatically xhr.send( fd ); } btn.addeventlistener( 'click', function() { senddata( {test:'ok'} ); } ) here's the live result: using formdata bound to a form element you can also bind a formdata object to an <form> element.
...something went wrong.' ); } ); // set up our request xhr.open( 'post', 'https://example.com/cors.php' ); // add the required http
header to handle a multipart form data post request xhr.setrequest
header( 'content-type','multipart/form-data; boundary=' + boundary ); // and finally, send our data.
Introduction to HTML - Learn web development
is it part of a table?), structure a document into logical sections (does it have a
header?
... document and website structure as well as defining individual parts of your page (such as "a paragraph" or "an image"), html is also used to define areas of your website (such as "the
header," "the navigation menu," or "the main content column.") this article looks into how to plan a basic website structure and how to write the html to represent this structure.
... structuring a page of content this assessment tests your ability to use html to structure a simple page of content, containing a
header, a footer, a navigation menu, main content, and a sidebar.
From object to iframe — other embedding technologies - Learn web development
configure csp directives csp stands for content security policy and provides a set of http
headers (metadata sent along with your web pages when they are served from a web server) designed to improve the security of your html document.
... when it comes to securing <iframe>s, you can configure your server to send an appropriate x-frame-options
header.
... note: you can read frederik braun's post on the x-frame-options security
header for more background information on this topic.
Client-Server Overview - Learn web development
the first part is called the
header, and contains useful information about the request, in the same way that an html head contains useful information about an html document (but not the actual content itself, which is in the body): get https://developer.mozilla.org/search?q=client+server+overview&topic=apps&topic=html&topic=css&topic=js&topic=api&topic=webdev http/1.1 host: developer.mozilla.org connection: keep-alive pragma: no-c...
...the
header contains information like the following: the first line includes the response code 200 ok, which tells us that the request succeeded.
... the remainder of the response
header includes information about the response (e.g.
Website security - Learn web development
as a defense, your site can prevent itself from being embedded in an iframe in another site by setting the appropriate http
headers.
...this includes, but is not limited to data in url parameters of get requests, post requests, http
headers and cookies, and user-uploaded files.
...this ensures that login credentials, cookies, post requests data and
header information are not easily available to attackers.
Framework main features - Learn web development
the following shows a simple jsx example: const subject = "world"; const
header = ( <
header> <h1>hello, {subject}!</h1> </
header> ); this expression represents an html <
header> element with a <h1> element inside.
... when used with react, the jsx from the previous snippet would be compiled into this: var subject = "world"; var
header = react.createelement("
header", null, react.createelement("h1", null, "hello, ", subject, "!") ); when ultimately rendered by the browser, the above snippet will produce html that looks like this: <
header> <h1>hello, world!</h1> </
header> handlebars the handlebars templating language is not specific to ember applications, but it is heavily utilized in ember apps.
... given this handlebars template: <
header> <h1>hello, {{subject}}!</h1> </
header> and this data: { subject: "world" } handlebars will build html like this: <
header> <h1>hello, world!</h1> </
header> typescript typescript is a superset of javascript, meaning it extends javascript — all javascript code is valid typescript, but not the other way around.
Frequently Asked Questions for Lightweight themes
lightweight themes change the
header area of your browser, including the tab text color and the background tab colors.
...preview any theme by clicking "tap to preview"; the design appears in your browser
header so you can "try it on." when you're ready, just click the blue install theme button.
... the theme you upload may not exceed 300 kb for the
header or the footer image.
How Mozilla's build system works
this is when
header files are installed, c++ files are compiled, files are preprocessed, and so on.
...this naming, however, can be misleading because all three sub-tiers are part of the build: export is used to do things like copy
headers into place.
... makefile examples standard makefile
header installing
headers using exports compiling interfaces using xpidlsrcs installing a javascript component building a component dll building a static library building a dynamic library makefiles - best practices and suggestions makefile - targets makefile - variables, values makefile - *.mk files & user config building libraries there are three main types of libraries that are built in ...
Old Thunderbird build
to build on windows, please read the prerequisites so you don't skip preparing the mapi
headers needed to compile thunderbird.
... on windows: check that the mapi
header files from https://www.microsoft.com/en-us/download/details.aspx?id=12905 are installed because the mapi
header files are not bundled with visual studio 2013/2015 (windows sdk 8.1/10).
... you should copy the
header files to a windows sdk include directory so that the build process will find the files, for example to c:\program files (x86)\windows kits\8.1\include\shared and/or c:\program files (x86)\windows kits\10\include\10.0.nnnnn.0\shared respectively, where nnnnn is the highest number present on the system.
Simple Thunderbird build
windows build prerequisites gnu/linux build prerequisites macos build prerequisites mapi
headers on windows: check that the mapi
header files from https://www.microsoft.com/en-us/download/details.aspx?id=12905 are installed because the mapi
header files (except mapi.h) are not bundled with visual studio 2017 (windows sdk 10).
... you should copy 17 of the 18
header files to a windows sdk include directory so that the build process will find the files, that is c:\program files (x86)\windows kits\10\include\10.0.nnnnn.0\shared, where nnnnn is the highest number present on the system.
... note that the downloaded outlook 2010 mapi
header files contain 18 fies, of which only 17 are needed.
Eclipse CDT Manual Setup
that object directory is needed to resolve include paths to the various
headers that the build process generates/copies there.
...(see the
headers are only parsed once section below to understand why this step is important for people who have their object directory outside their source tree.) getting code assistance working you're now ready to get code assistance working.
... to improve code assistance even more, see the
headers are only parsed once subsection of the known issues section.
How Mozilla determines MIME Types
however, starting in mozilla 1.7alpha, mozilla does do content sniffing, like this: when the content-type sent by the server is one of (case-sensitively) text/plain text/plain; charset=iso-8859-1 text/plain; charset=iso-8859-1 and the server did not send a content-encoding
header, mozilla will sniff the first block of data it gets and check for non-text bytes.
... if the server did not send a content-type
header, mozilla uses the unknown decoder to find a mime type.
...note that the extension here comes from the content-disposition
header if present, and from the url itself otherwise.
Creating a New Protocol
building the new protocol to build the new protocol declaration and generate
headers, make in ipc/ipdl: make -c objdir/ipc/ipdl if there are any protocol-level errors, the ipdl compiler will print the relevant error messages and stop.
... to view the generated
headers, look in objdir/ipc/ipdl/_ipdl
headers .
...the method signatures can be read from the generated pnewprotocolparent.h and pnewprotocolchild.h
headers.
Http.jsm
httprequest supports the following parameters: name meaning
headers an array of
headers postdata this can be: a string: send it as is an array of parameters: encode as form values null/undefined: no post data.
...
headers or post data are given as an array of arrays, for each inner array the first value is the key and the second is the value.
...in this case, the content type may be set through the
headers parameter.
NSS_3.12.1_release_notes.html
the tar.gz or zip file expands to an nss-3.12.1 directory containing three subdirectories: include - nss
header files lib - nss shared libraries bin - nss tools and test programs you also need to download the nspr 4.7.1 binary distributions to get the nspr 4.7.1
header files and shared libraries, which nss 3.12.1 requires.
...d given signercert) bug 414003: crash [[@ cert_decodecertpackage] sometimes with this testcase bug 415167: memory leak in certutil bug 417399: arena allocation results are not checked in pkix_pl_infoaccess_parselocation bug 420644: improve ssl tracing of key derivation bug 426886: use const char* in pk11_importcertforkey bug 428103: cert_encodesubjectkeyid is not defined in any public
header file bug 429716: debug builds of libpkix unconditionally dump socket traffic to stdout bug 430368: vfychain -t option is undocumented bug 430369: vfychain -o succeeds even if -pp is not specified bug 430399: vfychain -pp crashes bug 430405: error log is not produced by cert_pkixverifycert bug 430743: update ssltap to understand the tls session ticket extension bug 430859: pkix: poli...
...ed pkcs#11 object attribute values bug 434187: fix the gcc compiler warnings in nss/lib bug 434398: libpkix cannot find issuer cert immediately after checking it with ocsp bug 434808: certutil -b deadlock when importing two or more roots bug 434860: coverity 1150 - dead code in ocsp_createcertid bug 436428: remove unneeded assert from sec_pkcs7encryptlength bug 436430: make nss public
headers compilable with no_nspr_10_support defined bug 436577: uninitialized variable in sec_pkcs5createalgorithmid bug 438685: libpkix doesn't try all the issuers in a bridge with multiple certs bug 438876: signtool is still using static libraries.
NSS_3.12.3_release_notes.html
the tar.gz or zip file expands to an nss-3.12.3 directory containing three subdirectories: include - nss
header files lib - nss shared libraries bin - nss tools and test programs you also need to download the nspr 4.7.4 binary distributions to get the nspr 4.7.4
header files and shared libraries, which nss 3.12.3 requires.
...s ec private key as an orphan bug 453234: support for seed cipher suites to tls rfc4010 bug 453364: improve pk11_cipherop error reporting (was: pk11_createcontextbysymkey returns null bug 456406: slot list leaks in symkeyutil bug 461085: rfe: export function cert_comparecerts bug 462293: crash on fork after softoken is dlclose'd on some unix platforms in nss 3.12 bug 463342: move some
headers to freebl/softoken bug 463452: sql db creation does not set files protections to 0600 bug 463678: need to add rpath to 64-bit libraries on hp-ux bug 464088: option to build nss without dbm (handy for wince) bug 464223: certutil didn't accept certificate request to sign.
... bug 484425: need accessor function to retrieve symkey handle bug 484466: sec_error_invalid_args with nss_enable_pkix_verify=1 bug 485127: bltest crashes when attempting rc5_cbc or rc5_ecb bug 485140: wrong command line flags used to build intel-aes.s with solaris gas for x86_64 bug 485370: crash bug 485713: files added by red hat recently have missing texts in license
headers.
Necko walkthrough
but the interface for clients of necko is important to consider: send request uri helps creates channel setup channel (
headers, request data, response callback...) channel->asyncopen.
... receive response get a callback to each of these: nsistreamlistener::onstartrequest (
header info) nsistreamlistener::ondataavailable (data in single or multiple chunks) nsistreamlistener::onstoprequest (no more data from http) this all happens on the main thread, in a non-blocking fashion: make your request on the main thread, then carry on and get the async response later, also on the main thread.
...channel checks if we're proxying or not fires off the dns prefetch request (dispatched to dns thread pool) some other things nshttpchannel::connect might to a speculativeconnect (pre open tcp socket) nshttpchannel::continueconnect some cache stuff nshttpchannel::setuptransaction creates new nshttptransaction, and inits it with mrequesthead (the request
headers) and muploadstream (which was created from the request data in channel setup) gets an nsiasyncinputstream (for the response; corresponds to the nspipeinputstream for the response stream pipe) passes it to nsinputstreampump nshttpchannel::ghttphandler->initiatetransaction (called from connect) this is the global nshttphandler object, which adds the transaction to the nshttpconne...
SpiderMonkey 24
the file must conform to the standard c99 <stdint.h>
header interface in all respects, providing all that
header's types and macro definitions.
... (the msstdint project includes an implementation of this
header for microsoft visual studio which demonstrates what the c99 interface looks like.) otherwise, if the compiler doesn't provide a usable <stdint.h>
header, a custom implementation shipped with the spidermonkey source is used.
... in the meantime moz_custom_stdint_h is intended to function as a bridge to always using the standard
header.
Mork
the grammar for mork is as follows: file =
header ( dictionary | table | group | row )*
header = '// <!-- <mdb:mork:z v="1.4"/> -->' dictionary = '<' ( metadictionary | alias )* '>' table = '{' '-'?
... hex = [0-9a-fa-f]+ name = [a-za-z_?:] [a-za-z_?:+-]* value is a string terminated by ')' (not consumed) where '\' quotes the next metacharacter and '$' quotes the next two hexadecimal digits as a value (e.g., $20 is a space) the first line in the file is the
header.
...the
header is: // <!-- <mdb:mork:z v="1.4"/> --> this file is therefore version 1.4 of the zany mork format for the message database.
Mozilla internal string guide
the
headers and implementation are in the xpcom/string directory.
...used for http
headers and for size-optimized storage in text node and spidermonkey strings.
... it is correct to use these on most http
header values, but it's always wrong to use these on http response bodies!
How to build a binary XPCOM component using Visual Studio
then make the following tweaks: add "..\gecko-sdk\include" to additional include directories add "..\gecko-sdk\lib" to additional library directories add "nspr4.lib xpcom.lib xpcomglue_s.lib" to additional dependencies add "xp_win;xp_win32″ to preprocessor definitions turn off precompiled
headers (just to keep it simple) use a custom build step for the xpcom idl file (spawns xpidl-build.bat to process the idl with mozilla toolset, not midl) vc++ express project: xpcom-test.zip note: the project uses xpcom_glue.
...the next step is to compile the idl into a type-library (*.xpt) and a c++
header file (*.h), which we can use to define our implementation object.
...the command executes xpidl.exe twice, like this: {path_to_geckosdk}\bin\xpidl.exe -m
header -i..\gecko-sdk\idl {your_idl_file} {path_to_geckosdk}\bin\xpidl.exe -m typelib -i..\gecko-sdk\idl {your_idl_file} the generated h file actually has a skeleton implementation (commented out).
Introduction to XPCOM for the DOM
at compile-time, the xpidl compiler will turn this interface definition into real c++ code, a
header file that will contain the pure abstract class.
... ns_idomfabian_iid \ {0xxxxxxxxx, 0xxxxx, 0xxxxx, \ { 0xxx, 0xxx, 0xxx, 0xxx, 0xxx, 0xxx, 0xxx, 0xxx }} class nsidomfabian : public nsisupports { public: ns_imethod fabian(void) = 0; ns_imethod getneat(prbool *aneat) = 0; }; #define ns_decl_nsidomfabian #define ns_forward_nsidomfabian(_to) #define ns_forward_safe_nsidomfabian(_to) as we can see, the auto-generated
header file contains the iid of our interface, and a "pure abstract class" is correctly defined.
...if we look at any interface definition, in xpidl or as a
header, we can see that it always inherits from another interface.
nsIDocShell
pal, in domstring documenturi, in boolean create); nsidomstorage getsessionstorageforuri(in nsiuri uri, in domstring documenturi); void historypurged(in long numentries); void internalload(in nsiuri auri, in nsiuri areferrer, in nsisupports aowner, in pruint32 aflags, in wstring awindowtarget, in string atypehint, in nsiinputstream apostdatastream, in nsiinputstream a
headersstream, in unsigned long aloadflags, in nsishentry ashentry, in boolean firstparty, out nsidocshell adocshell, out nsirequest arequest); native code only!
...void internalload( in nsiuri auri, in nsiuri areferrer, in nsisupports aowner, in pruint32 aflags, in wstring awindowtarget, in string atypehint, in nsiinputstream apostdatastream, in nsiinputstream a
headersstream, in unsigned long aloadflags, in nsishentry ashentry, in boolean firstparty, out nsidocshell adocshell, out nsirequest arequest ); parameters auri the uri to load.
... apostdatastream post data stream (if posting) a
headersstream stream containing "extra" request
headers.
nsIMsgSearchTerm
defined in mozilla/ mailnews/ base/ search/ public/ nsimsgsearchterm.idl attributes attrib attribute nsmsgsearchattribvalue attrib; op attribute nsmsgsearchopvalue op; value attribute nsimsgsearchvalue value; booleanand attribute boolean booleanand; arbitrary
header attribute acstring arbitrary
header; hdrproperty /** * not to be confused with arbitrary
header, which is a
header in the * rfc822 message.
... this is a property of the nsimsgdbhdr, and may have * nothing to do the message
headers, e.g., gloda-id.
... * @param adb db containing msg
header.
nsINavHistoryResultViewObserver
inherits from: nsisupports last changed in gecko 1.9.0 method overview boolean candrop(in long index, in long orientation); void ondrop(in long row, in long orientation); void ontoggleopenstate(in long index); void oncycle
header(in nsitreecolumn column); void oncyclecell(in long row, in nsitreecolumn column); void onselectionchanged(); void onperformaction(in wstring action); void onperformactiononrow(in wstring action, in long row); void onperformactiononcell(in wstring action, in long row, in nsitreecolumn column); constants constant value description ...
... oncycle
header() called when a
header is clicked.
... void oncycle
header( in nsitreecolumn column ); parameters column the column whose
header was clicked.
nsITreeView
method overview boolean candrop(in long index, in long orientation, in nsidomdatatransfer datatransfer); boolean candropbeforeafter(in long index, in boolean before); obsolete since gecko 1.8 boolean candropon(in long index); obsolete since gecko 1.8 void cyclecell(in long row, in nsitreecolumn col); void cycle
header(in nsitreecolumn col); void drop(in long row, in long orientation, in nsidomdatatransfer datatransfer); astring getcellproperties(in long row, in nsitreecolumn col, in nsisupportsarray properties obsolete since gecko 22); astring getcelltext(in long row, in nsitreecolumn col); astring getcellvalue(in long row, in nsitreecolumn col); astring getcolumnpr...
... cycle
header() called on the view when a
header is clicked.
... void cycle
header( in nsitreecolumn col ); parameters col the column to cycle.
nsIUploadChannel
history here is that we need to support both streams that already have
headers (for example, content-type and content-length) information prepended to the stream (by plugins) as well as clients (composer, uploading application) that want to upload data streams without any knowledge of protocol specifications.
...acontenttype if acontenttype is empty, the protocol will assume that no content
headers are to be added to the uploaded stream and that any required
headers are already encoded in the stream.
... in the case of http, if this parameter is non-empty, then its value will replace any existing content-type
header on the http request.
nsIWebBrowserPersist
n nsichannel achannel, in nsisupports afile); void savedocument(in nsidomdocument adocument, in nsisupports afile, in nsisupports adatapath, in string aoutputcontenttype, in unsigned long aencodingflags, in unsigned long awrapcolumn); void saveuri(in nsiuri auri, in nsisupports acachekey, in nsiuri areferrer, in long areferrerpolicy, in nsiinputstream apostdata, in string aextra
headers, in nsisupports afile, in nsiloadcontext aprivacycontext); void saveprivacyawareuri(in nsiuri auri, in nsisupports acachekey, in nsiuri areferrer, in long areferrerpolicy, in nsiinputstream apostdata, in string aextra
headers, in nsisupports afile, in boolean aisprivate); attributes attribute type description currentstate unsigned long current state ...
... void saveuri( in nsiuri auri, in nsisupports acachekey, in nsiuri areferrer, in long areferrerpolicy, in nsiinputstream apostdata, in string aextra
headers, in nsisupports afile, in nsiloadcontext aprivacycontext ); parameters auri uri to save to file.
... aextra
headers additional
headers to supply with an http request or nsnull.
nsMsgSearchAttrib
const nsmsgsearchattribvalue label = 48; /* mail only...can search by label */ const nsmsgsearchattribvalue hdrproperty = 49; // uses nsimsgsearchterm::hdrproperty const nsmsgsearchattribvalue folderflag = 50; // uses nsimsgsearchterm::status const nsmsgsearchattribvalue uint32hdrproperty = 51; // uses nsimsgsearchterm::hdrproperty // 52 is for showing customize - in ui
headers start from 53 onwards up until 99.
... /** other
header must always be last attribute since * we can have an arbitrary # of these.
... */ const nsmsgsearchattribvalue other
header = 52; // must be last attribute const nsmsgsearchattribvalue knummsgsearchattributes = 100; }; ...
Using the Gecko SDK
the sdk contains
headers for all of the frozen interfaces and functions, and it also contains
headers for classes and functions defined in the glue libraries.
...every frozen interface or function will be labeled as such in the idl or
header file with "@status frozen".
...all nspr functions are frozen by default and are not marked as such in the respective
header files.) the glue library exists to make common tasks easier.
xpidl
it generates: c++
header files (.h), with a commented template for full c++ implementation of the interface xpconnect typelib files (.xpt), with runtime type information to dynamically call xpcom objects through xpconnect note: starting in gecko 9.0, xpidl has been replaced with pyxpidl in the gecko sdk.
...the xpidl compiler is now part of the build process, allowing us to generate
headers used by the xpcom components.
...``/tmp/nsithing) for output -e use explicit output filename -d write dependencies (requires -e) -m specify output mode:
header generate c++
header (.h) typelib generate xpconnect typelib (.xpt) doc generate html documentation (.html) java generate java interface (.java) ...
MailNews fakeserver
for xpcshell tests in mailnews/news, all files in mailnews/news/test/postings/auto-add are automatically added based on the newsgroups
header.
...the only generated
header is lines.
... getarticle message id newsarticle object pretty self-explanatory newsarticle api name arguments returns notes [constructor] text (as a string) n/a initializes all fields
headers (property) map of
header (lower-case) -> value body (property) text of body messageid (property) message id fulltext (property) full text as message without modification except added
headers.
Main Windows
two are stacked showing either a brief or expanded view of the
headers.
...menus, toolbar buttons, and
headers are all taken from exactly the same overlays listed above though.
...two are stacked showing either a brief or expanded view of the
headers.
Message Interfaces
nsimsghdr nsimsghdr - this interface describes
headers for all mail messages.
... it can be used to retrieve address, subject and related
header information for a mail message.
... nsimsgdbhdr nsimsgdbhdr - this interface describes
headers for mail messages.
Standard OS Libraries
core foundation to learn about all the mac os x apis and which library file you will need to call, go to the mac developer library website and find the function, then scroll down to "declared in" section, and find which framework contains the
header file.
... example: cgeventgetlocation for example, cgeventgetlocation function is declared in cgevent.h
header file, which is contained in coregraphics.framework.
... ctypes.void_t, cgeventref); let event = cgeventcreate(null); let cursor = cgeventgetlocation(event); cfrelease(event); components.utils.reporterror(cursor); coregraphics.close(); corefoundation.close(); resources for core foundation github :: philikon - osxtypes - javascript modules are auto-generated from the os x
header files githubgists :: noitidart / search · corefoundation - corefoundation js-ctypes snippets that can be copied and pasted to scratchpad cocoa see using objective-c from js-ctypes for more info.
Migrating from Firebug - Firefox Developer Tools
they contain a
headers, params, response and cookies panel.
...in the network monitor the address is shown at remote address in the
headers tab when a request is selected.
... the devtools don't show by default whether a cookie is secure, but this can be enabled by right-clicking the table
header and checking secure from the context menu.
Cache.keys() - Web APIs
note: requests with duplicate urls but different
headers can be returned if their responses have the vary
header set on them.
... ignorevary: a boolean that, when set to true, tells the matching operation not to perform vary
header matching.
... in other words, if the url matches you will get a match regardless of whether the response object has a vary
header.
Cache.match() - Web APIs
ignorevary: a boolean that when set to true tells the matching operation not to perform vary
header matching — i.e.
... if the url matches you will get a match regardless of whether the response object has a vary
header.
... if (event.request.method === 'get' && event.request.
headers.get('accept').indexof('text/html') !== -1) { console.log('handling fetch event for', event.request.url); event.respondwith( fetch(event.request).catch(function(e) { console.error('fetch failed; returning offline page instead.', e); return caches.open(offline_cache).then(function(cache) { return cache.match(offline_url); }); }) ); } }); ...
Using the W3C DOM Level 1 Core - Web APIs
for example, the following document <html> <head> <title>my document</title> </head> <body> <h1>
header</h1> <p>paragraph</p> </body> </html> has a dom tree that looks like this: (note that, although the above tree is similar to the above document's dom tree, it's not identical, as the actual dom tree preserves whitespace.) when a web browser parses an html document, it builds a dom tree and then uses it to display the document.
... a simple example suppose the author wants to change the
header of the above document and write two paragraphs instead of one.
... the following script would do the job: html content <body> <input type="button" value="change this document." onclick="change()"> <h2>
header</h2> <p>paragraph</p> </body> javascript content function change() { // document.getelementsbytagname("h2") returns a nodelist of the <h2> // elements in the document, and the first is number 0: var
header = document.getelementsbytagname("h2").item(0); // the firstchild of the
header is a text node:
header.firstchild.data = "a dynamic document"; // now the
header is "a dynamic document".
Fetch API - Web APIs
it also defines related concepts such as cors and the http origin
header semantics, supplanting their separate definitions elsewhere.
...set-cookie
headers from other sites are silently ignored.
...
headers represents response/request
headers, allowing you to query them and take different actions depending on the results.
HTMLTableElement.createTHead() - Web APIs
if no
header exists in the table, this method creates it, and then returns it.
... note: if no
header exists, createthead() inserts a new
header directly into the table.
... the
header does not need to be added separately as would be the case if document.createelement() had been used to create the new <thead> element.
PerformanceServerTiming - Web APIs
the performanceservertiming interface surfaces server metrics that are sent with the response in the server-timing http
header.
... this interface is restricted to the same origin, but you can use the timing-allow-origin
header to specify the domains that are allowed to access the server metrics.
... example given a server that sends the server-timing
header, for example a node.js server like this: const http = require('http'); function requesthandler(request, response) { const
headers = { 'server-timing': ` cache;desc="cache read";dur=23.2, db;dur=53, app;dur=47.2 `.replace(/\n/g, '') }; response.writehead(200,
headers); response.write(''); return settimeout(_ => { response.end(); }, 1000) }; http.createser...
RTCRtpCapabilities - Web APIs
an rtcrtpcapabilities object contains an array of objects conforming to rtcrtpcodeccapability (each describing the capabilities of one codec) and an array of the supported rtp
header extensions for that codec.
...
headerextensions an array of objects conforming to the rtcrtp
headerextensioncapability dictionary.
... each object contains a single domstring, uri, specifying the uri of the
header extension, as described in rfc 5285.
Request.mode - Web APIs
no-cors — prevents the method from being anything other than head, get or post, and the
headers from being anything other than simple
headers.
... if any serviceworkers intercept these requests, they may not add or override any
headers except for those that are simple
headers.
...only a limited set of
headers are exposed in the response, but the body is readable.
Writing a WebSocket server in C# - Web APIs
you must: obtain the value of the "sec-websocket-key" request
header without any leading or trailing whitespace concatenate it with "258eafa5-e914-47da-95ca-c5ab0dc85b11" (a special guid specified by rfc 6455) compute sha-1 and base64 hash of the new value write the hash back as the value of "sec-websocket-accept" response
header in an http response if (new system.text.regularexpressions.regex("^get").ismatch(data)) { const string eol = "\r\n"; // http/1...
...obtain the value of the "sec-websocket-key" request
header without any leading or trailing whitespace // 2.
...write the hash back as the value of "sec-websocket-accept" response
header in an http response string swk = regex.match(s, "sec-websocket-key: (.*)").groups[1].value.trim(); string swka = swk + "258eafa5-e914-47da-95ca-c5ab0dc85b11"; byte[] swkasha1 = system.security.cryptography.sha1.create().computehash(encoding.utf8.getbytes(swka)); string swkasha1base64 = convert.tobase64string(swkasha1); // http/1.1 defines the sequence cr lf as the end-of-line marker byte[] response = encoding.utf8.getbytes( ...
Sending and Receiving Binary Data - Web APIs
var req = new xmlhttprequest(); req.open("post", url, true); // set
headers and mime-type appropriately req.setrequest
header("content-length", 741); req.sendasbinary(abody); line 4 sets the content-length
header to 741, indicating that the data is 741 bytes long.
...in that case, you don't have to set the content-length
header yourself, as the information is fetched from the stream automatically: // make a stream from a file.
...*/ req.setrequest
header('content-type', mimetype); req.send(stream); ...
XMLHttpRequest.withCredentials - Web APIs
the xmlhttprequest.withcredentials property is a boolean that indicates whether or not cross-site access-control requests should be made using credentials such as cookies, authorization
headers or tls client certificates.
...the third-party cookies obtained by setting withcredentials to true will still honor same-origin policy and hence can not be accessed by the requesting script through document.cookie or from response
headers.
... note: xmlhttprequest responses from a different domain cannot set cookie values for their own domain unless withcredentials is set to true before making the request, regardless of access-control-
header values.
Using the aria-labelledby attribute - Accessibility
oth its own individual label and by the label for the group: <div id="mybillingid">billing</div> <div> <div id="mynameid">name</div> <input type="text" aria-labelledby="mybillingid mynameid"/> </div> <div> <div id="myaddressid">address</div> <input type="text" aria-labelledby="mybillingid myaddressid"/> </div> example 2: associating headings with regions in the example below,
header elements are associated with the content they head.
... note that the region being referenced is the region that contains the
header.
...xample 3: radio groups in the example below, the container of a radiogroup is associated with its label using the aria-labelledby attribute: <div id="radio_label">my radio label</div> <ul role="radiogroup" aria-labelledby="radio_label"> <li role="radio">item #1</li> <li role="radio">item #2</li> <li role="radio">item #3</li> </ul> example 4: dialog label in the example below, the
header element that labels the dialog is referred to by the aria-labelledby attribute: <div role="dialog" aria-labelledby="dialog
header"> <h2 id="dialog
header">choose a file</h2> ...
Accessibility documentation index - Accessibility
56 aria: cell role aria, html, cell, table the cell value of the aria role attribute identifies an element as being a cell in a tabular container that does not contain column or row
header information.
...a row contains one or more cells, grid cells or column
headers, and possibly a row
header, within a grid, table or treegrid, and optionally within a rowgroup.
...a rowgroup contains one or more rows of cells, grid cells, column
headers, or row
headers within a grid, table or treegrid.
grid-template - CSS: Cascading Style Sheets
/ grid-template: 100px 1fr / 50px 1fr; grid-template: auto 1fr / auto 1fr auto; grid-template: [linename] 100px / [columnname1] 30% [columnname2] 70%; grid-template: fit-content(100px) / fit-content(40%); /* grid-template-areas grid-template-rows / grid-template-column values */ grid-template: "a a a" "b b b"; grid-template: "a a a" 20% "b b b" auto; grid-template: [
header-top] "a a a" [
header-bottom] [main-top] "b b b" 1fr [main-bottom] / auto 1fr auto; /* global values */ grid-template: inherit; grid-template: initial; grid-template: unset; values none is a keyword that sets all three longhand properties to none, meaning there is no explicit grid.
...<track-size> ]+ <line-names>?where <track-breadth> = <length-percentage> | <flex> | min-content | max-content | auto<inflexible-breadth> = <length> | <percentage> | min-content | max-content | autowhere <length-percentage> = <length> | <percentage> examples defining a grid template css #page { display: grid; width: 100%; height: 200px; grid-template: [
header-left] "head head" 30px [
header-right] [main-left] "nav main" 1fr [main-right] [footer-left] "nav foot" 30px [footer-right] / 120px 1fr; }
header { background-color: lime; grid-area: head; } nav { background-color: lightblue; grid-area: nav; } main { background-color: yellow; grid-area: main; } footer { background-color: red...
...; grid-area: foot; } html <section id="page"> <
header>
header</
header> <nav>navigation</nav> <main>main area</main> <footer>footer</footer> </section> result specifications specification status comment css grid layoutthe definition of 'grid-template' in that specification.
Content categories - Developer guides
they are: <a>, <abbr>, <address>, <article>, <aside>, <audio>, <b>,<bdo>, <bdi>, <blockquote>, <br>, <button>, <canvas>, <cite>, <code>, <command>, <data>, <datalist>, <del>, <details>, <dfn>, <div>, <dl>, <em>, <embed>, <fieldset>, <figure>, <footer>, <form>, <h1>, <h2>, <h3>, <h4>, <h5>, <h6>, <
header>, <hgroup>, <hr>, <i>, <iframe>, <img>, <input>, <ins>, <kbd>, <keygen>, <label>, <main>, <map>, <mark>, <math>, <menu>, <meter>, <nav>, <noscript>, <object>, <ol>, <output>, <p>, <picture>, <pre>, <progress>, <q>, <ruby>, <s>, <samp>, <script>, <section>, <select>, <small>, <span>, <strong>, <sub>, <sup>, <svg>, <table>, <template>, <textarea>, <time>, <ul>, <var>, <video>, <wbr> and text.
...long to this category, but only if a specific condition is fulfilled: <area>, if it is a descendant of a <map> element <link>, if the itemprop attribute is present <meta>, if the itemprop attribute is present <style>, if the scoped attribute is present sectioning content elements belonging to the sectioning content model create a section in the current outline that defines the scope of <
header> elements, <footer> elements, and heading content.
... though likely to contain heading content, the <
header> is not heading content itself.
XHTML - Developer guides
the following example shows an html document and corresponding "xhtml" document, and the accompanying http content-type
headers they should be served with.
...tml document</p> </body> </html> xhtml document content-type: application/xhtml+xml <?xml version="1.0" encoding="utf-8"?> <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en"> <head> <title>xhtml</title> </head> <body> <p>i am a xhtml document</p> </body> </html> in practice, very few "xhtml" documents are served over the web with a content-type: application/xhtml+xml
header.
... instead, even though the documents are written to conform to xml syntax rules, they are served with a content-type: text/html
header — so browsers parse those documents using html parsers rather than xml parsers, which can cause a variety of sometimes-very-surprising problems.
Allowing cross-origin use of images and canvas - HTML: Hypertext Markup Language
html provides a crossorigin attribute for images that, in combination with an appropriate cors
header, allows images defined by the <img> element that are loaded from foreign origins to be used in a <canvas> as if they had been loaded from the current origin.
... web server configuration the first thing we need is a server that's configured to host images with the access-control-allow-origin
header configured to permit cross-origin access to image files.
...consider the html5 boilerplate apache server configuration file for cors images, shown below: <ifmodule mod_setenvif.c> <ifmodule mod_
headers.c> <filesmatch "\.(bmp|cur|gif|ico|jpe?g|png|svgz?|webp)$"> setenvif origin ":" is_cors
header set access-control-allow-origin "*" env=is_cors </filesmatch> </ifmodule> </ifmodule> in short, this configures the server to allow graphic files (those with the extensions ".bmp", ".cur", ".gif", ".ico", ".jpg", ".jpeg", ".png", ".svg", ".svgz", and ".webp") to be accessed cross-origin from anywhere on the internet.
<footer> - HTML: Hypertext Markup Language
permitted content flow content, but with no <footer> or <
header> descendants.
...note that a <footer> element must not be a descendant of an <address>, <
header> or another <footer> element.
... webkit bugzilla: 146930 – ax: html native elements (
header, footer, main, aside, nav) should work the same as aria landmarks, sometimes they don't specifications specification status comment html living standardthe definition of '<footer>' in that specification.
<iframe>: The Inline Frame element - HTML: Hypertext Markup Language
referrerpolicy indicates which referrer to send when fetching the frame's resource: no-referrer: the referer
header will not be sent.
... no-referrer-when-downgrade (default): the referer
header will not be sent to origins without tls (https).
... strict-origin-when-cross-origin: send a full url when performing a same-origin request, only send the origin when the protocol security level stays the same (https→https), and send no
header to a less secure destination (https→http).
Standard metadata names - HTML: Hypertext Markup Language
referrer: controls the http referer
header for to requests sent from the document: values for the content attribute of <meta name="referrer"> no-referrer do not send a http referer
header.
...cross-origin requests will contain no referrer
header.
... some crawler robots, like google, yahoo and bing, support the same values for the http
header x-robots-tag; this allows non-html documents like images to use these rules.
<nextid>: The NeXT ID element (Obsolete) - HTML: Hypertext Markup Language
<form>, <input>, <textarea>, <select>, and <option> html version 2 strict level 1 this is like regular level 1 but it also excludes these depreciated elements, along with such constructs as nesting a
header (<h*> element) within a link (<a> element) html version 2 level 2 this is the default and includes and permits all html level 2 functions and elements and attributes html version 2 strict level 2 this excludes these depreciated elements and also forbids such constructs as nesting a
header (<h*> element) within a link (<a> element), or having a forms <input> element which is not within a block...
...the first of these would produce an entry in the table of contents like this: <a name="z0" href="#z4">first section name</a> and the section
header would be marked like this: <h2><a name="z4">first section name</a></h2>.
...next would then add, within the
header of the html document, a special tag, <nextid n="z8">, to inform where to continue its naming convention.
<script>: The Script element - HTML: Hypertext Markup Language
referrerpolicy indicates which referrer to send when fetching the script, or resources fetched by the script: no-referrer: the referer
header will not be sent.
... no-referrer-when-downgrade (default): the referer
header will not be sent to origins without tls (https).
... strict-origin-when-cross-origin: send a full url when performing a same-origin request, but only send the origin when the protocol security level stays the same (e.g.https→https), and send no
header to a less secure destination (e.g.
Link types - HTML: Hypertext Markup Language
this is especially useful when opening untrusted links, in order to ensure they cannot tamper with the originating document via the window.opener property (see about rel=noopener for more details), while still providing the referer http
header (unless noreferrer is used as well).
... <a>, <area>, <form> <link> noreferrer prevents the browser, when navigating to another page, to send this page address, or any other value, as referrer via the referer: http
header.
... note: if the x-pingback: http
header is also present, it supersedes the <link> element with this link type.
Compression in HTTP - HTTP
the browser sends an accept-encoding
header with the algorithm it supports and its order of precedence, the server picks one, uses it to compress the body of the response and uses the content-encoding
header to tell the browser the algorithm it has chosen.
... as content negotiation has been used to choose a representation based on its encoding, the server must send a vary
header containing at least accept-encoding alongside this
header in the response; that way, caches will be able to cache the different representations of the resource.
... to do this, http uses a mechanism similar to the content negotiation for end-to-end compression: the node transmitting the request advertizes its will using the te
header and the other node chooses the adequate method, applies it, and indicates its choice with the transfer-encoding
header.
Accept-CH-Lifetime - HTTP
the accept-ch-lifetime
header is set by the server to specify the persistence of accept-ch
header value that specifies for which client hints
headers client should include in subsequent requests.
...
header type response
header forbidden
header name ?
...accept-ch and accept-ch-lifetime
headers should be persisted for all secure requests to ensure client hints are sent reliably.
Accept-CH - HTTP
the accept-ch
header is set by the server to specify which client hints
headers a client should include in subsequent requests.
...
header type response
header forbidden
header name ?
...accept-ch and accept-ch-lifetime
headers should be persisted for all secure requests to ensure client hints are sent reliably.
Accept-Patch - HTTP
the accept-patch response http
header advertises which media-type the server is able to understand.
...two common cases lead to this: a server receiving a patch request with an unsupported media type could reply with 415 unsupported media type and an accept-patch
header referencing one or more supported media types.
...
header type response
header forbidden
header name yes syntax accept-patch: application/example, text/example accept-patch: text/example;charset=utf-8 accept-patch: application/merge-patch+json directives none examples accept-patch: application/example, text/example accept-patch: text/example;charset=utf-8 accept-patch: application/merge-patch+json specifications specification title rfc 5789, section 3.1: accept-patch ...
Access-Control-Request-Method - HTTP
the access-control-request-method request
header is used by browsers when issuing a preflight request, to let the server know which http method will be used when the actual request is made.
... this
header is necessary as the preflight request is always an options and doesn't use the same method as the actual request.
...
header type request
header forbidden
header name yes syntax access-control-request-method: <method> directives <method> one of the http request methods, for example get, post, or delete.
Alt-Svc - HTTP
the alt-svc http response
header is used to advertise alternative services through which the same resource can be reached.
...alternative service entries can be cached for up to <max-age> seconds, minus the age of the response (from the age
header).
... multiple entries can be specified in a single alt-svc
header using comma as separator.
CSP: referrer - HTTP
the http content-security-policy (csp) referrer directive used to specify information in the referer
header (with a single r as this was a typo in the original spec) for links away from a page.
... use the referrer-policy
header instead.
... syntax content-security-policy: referrer <referrer-policy>; where <referrer-policy> can be one of the following values: "no-referrer" the referer
header will be omitted entirely.
CSP: upgrade-insecure-requests - HTTP
the upgrade-insecure-requests directive will not ensure that users visiting your site via links on third-party sites will be upgraded to https for the top-level navigation and thus does not replace the strict-transport-security (hsts)
header, which should still be set with an appropriate max-age to ensure that users are not subject to ssl stripping attacks.
... syntax content-security-policy: upgrade-insecure-requests; examples //
header content-security-policy: upgrade-insecure-requests; // meta tag <meta http-equiv="content-security-policy" content="upgrade-insecure-requests"> with the above
header set on a domain example.com that wants to migrate from http to https, non-navigational insecure resource requests are automatically upgraded (first-party as well as third-party requests).
... <img src="https://example.com/image.png"> <img src="https://not-example.com/image.png"> navigational upgrades to third-party resources brings a significantly higher potential for breakage, these are not upgraded: <a href="https://example.com/">home</a> <a href="http://not-example.com/">home</a> finding insecure requests with the help of the content-security-policy-report-only
header and the report-uri directive, you can set-up an enforced policy and a reported policy like this: content-security-policy: upgrade-insecure-requests; default-src https: content-security-policy-report-only: default-src https:; report-uri /endpoint that way, you still upgrade insecure requests on your secure site, but the only monitoring policy is violated and reports insecure resources to your en...
Cookie - HTTP
the cookie http request
header contains stored http cookies previously sent by the server with the set-cookie
header.
... the cookie
header is optional and may be omitted if, for example, the browser's privacy settings block cookies.
...
header type request
header forbidden
header name yes syntax cookie: <cookie-list> cookie: name=value cookie: name=value; name2=value2; name3=value3 <cookie-list> a list of name-value pairs in the form of <cookie-name>=<cookie-value>.
Cross-Origin-Resource-Policy - HTTP
exercise caution using this
header in a production environment.
... the http cross-origin-resource-policy response
header conveys a desire that the browser blocks no-cors cross-origin/cross-site requests to the given resource.
...
header type response
header forbidden
header name no syntax cross-origin-resource-policy: same-site | same-origin | cross-origin examples the response
header below will cause compatible user agents to disallow cross-origin no-cors requests: cross-origin-resource-policy: same-origin for more examples, see https://resourcepolicy.fyi/.
DNT - HTTP
the dnt (do not track) request
header indicates the user's tracking preference.
...
header type request
header forbidden
header name yes syntax dnt: 0 dnt: 1 dnt: null directives 0 the user prefers to allow tracking on the target site.
... examples reading do not track status from javascript the user's dnt preference can also be read from javascript using the navigator.donottrack property: navigator.donottrack; // "0" or "1" specifications specification status comment tracking preference expression (dnt)the definition of 'dnt
header field for http requests' in that specification.
Early-Data - HTTP
the early-data
header is set by an intermediary to indicate that the request has been conveyed in tls early data, and also indicates that the intermediary understands the 425 (too early) status code.
... the early-data
header is not set by the originator of the request (i.e., a browser).
...
header type request
header forbidden
header name no syntax early-data: 1 examples get /resource http/1.0 host: example.com early-data: 1 specifications specification title rfc 8470, section 5.1: the early-data
header field using early data in http ...
Expires - HTTP
the expires
header contains the date/time after which the response is considered stale.
... if there is a cache-control
header with the max-age or s-maxage directive in the response, the expires
header is ignored.
...
header type response
header forbidden
header name no cors-safelisted response
header yes syntax expires: <http-date> directives <http-date> an http-date timestamp.
Feature-Policy: fullscreen - HTTP
the http feature-policy
header fullscreen directive controls whether the current document is allowed to use element.requestfullscreen().
...it can do so by delivering the following http response
header to define a feature policy: feature-policy: fullscreen 'self' https://example.com with an <iframe> element fastcorp inc.
...it can do so by delivering the following http response
header to define a feature policy: feature-policy: fullscreen 'self' then include an allow attribute on the <iframe> element: <iframe src="https://other.com/videoplayer" allow="fullscreen"></iframe> iframe attributes can selectively enable features in certain frames, and not in others, even if those frames contain documents from the same origin.
Feature-Policy: geolocation - HTTP
the http feature-policy
header geolocation directive controls whether the current document is allowed to use the geolocation interface.
...it can do so by delivering the following http response
header to define a feature policy: feature-policy: geolocation 'self' https://example.com with an <iframe> element fastcorp inc.
...it can do so by delivering the following http response
header to define a feature policy: feature-policy: geolocation 'self' then include an allow attribute on the <iframe> element: <iframe src="https://other.com/map" allow="geolocation"></iframe> iframe attributes can selectively enable features in certain frames, and not in others, even if those frames contain documents from the same origin.
If-Modified-Since - HTTP
the if-modified-since request http
header makes the request conditional: the server will send back the requested resource, with a 200 status, only if it has been last modified after the given date.
... if the request has not been modified since, the response will be a 304 without any body; the last-modified response
header of a previous request will contain the date of last modification.
...
header type request
header forbidden
header name no syntax if-modified-since: <day-name>, <day> <month> <year> <hour>:<minute>:<second> gmt directives <day-name> one of "mon", "tue", "wed", "thu", "fri", "sat", or "sun" (case-sensitive).
If-None-Match - HTTP
the if-none-match http request
header makes the request conditional.
...note that the server generating a 304 response must generate any of the following
header fields that would have been sent in a 200 (ok) response to the same request: cache-control, content-location, date, etag, expires, and vary.
...
header type request
header forbidden
header name no syntax if-none-match: "<etag_value>" if-none-match: "<etag_value>", "<etag_value>", … if-none-match: * directives <etag_value> entity tags uniquely representing the requested resources.
If-Range - HTTP
the if-range http request
header makes a range request conditional: if the condition is fulfilled, the range request will be issued and the server sends back a 206 partial content answer with the appropriate body.
... this
header can be used either with a last-modified validator, or with an etag, but not with both.
...
header type request
header forbidden
header name no syntax if-range: <day-name>, <day> <month> <year> <hour>:<minute>:<second> gmt if-range: <etag> directives <etag> an entity tag uniquely representing the requested resource.
If-Unmodified-Since - HTTP
the if-unmodified-since request http
header makes the request conditional: the server will send back the requested resource, or accept it in the case of a post or another non-safe method, only if it has not been last modified after the given date.
... in conjunction with a range request with a if-range
header, it can be used to ensure that the new fragment requested comes from an unmodified document.
...
header type request
header forbidden
header name no syntax if-unmodified-since: <day-name>, <day> <month> <year> <hour>:<minute>:<second> gmt directives <day-name> one of "mon", "tue", "wed", "thu", "fri", "sat", or "sun" (case-sensitive).
Link - HTTP
the http link entity-
header field provides a means for serialising one or more links in http
headers.
... parameters the link
header contains parameters, which are separated with ; and are equivalent to attributes of the <link> element.
...k: https://bad.example; rel="preconnect" specifying multiple links you can specify multiple links separated by commas, for example: link: <https://one.example.com>; rel="preconnect", <https://two.example.com>; rel="preconnect", <https://three.example.com>; rel="preconnect" specifications specification status comments rfc 8288, section 3: link serialisation in http
headers ietf rfc rfc 5988, section 5: the link
header field ietf rfc initial definition ...
Proxy-Authenticate - HTTP
the http proxy-authenticate response
header defines the authentication method that should be used to gain access to a resource behind a proxy server.
... the proxy-authenticate
header is sent along with a 407 proxy authentication required.
...
header type response
header forbidden
header name no syntax proxy-authenticate: <type> realm=<realm> directives <type> authentication type.
Sec-Fetch-Dest - HTTP
the sec-fetch-dest fetch metadata
header indicates the request's destination, that is how the fetched data will be used.
...
header type fetch metadata request
header forbidden
header name yes, since it has prefix sec- cors-safelisted request
header syntax sec-fetch-dest: audio sec-fetch-dest: audioworklet sec-fetch-dest: document sec-fetch-dest: embed sec-fetch-dest: empty sec-fetch-dest: font sec-fetch-dest: image sec-fetch-dest: manifest sec-fetch-dest: nested-document sec-fetch-dest: object sec-fetch-dest: paintworklet sec-fetch-dest: report sec-fetch-dest: script sec-fetch-dest: serviceworker sec-fetch-dest: sharedworker sec-fetch-dest: style sec-fetch-dest: track sec-fetch-dest: video sec-fetch-dest: worker sec-fetch-dest: xslt sec-fetch-dest: audioworklet sec-fetch-dest: audioworklet values audio audioworklet document embed empty font image ...
... manifest object paintworklet report script serviceworker sharedworker style track video worker xslt nested-document examples todo specifications specification title fetch metadata request
headers the sec-fetch-dest http request
header ...
Sec-Fetch-Site - HTTP
the sec-fetch-site fetch metadata
header indicates the relationship between a request initiator's origin and the origin of the resource.
...
header type fetch metadata request
header forbidden
header name yes, since it has prefix sec- cors-safelisted response
header cors-safelisted request
header syntax sec-fetch-site: cross-site sec-fetch-site: same-origin sec-fetch-site: same-site sec-fetch-site: none values cross-site same-origin same-site none this request does not relate to any context like site, origin, or frame.
... examples todo specifications specification title fetch metadata request
headers the sec-fetch-site http request
header ...
Sec-Fetch-User - HTTP
the sec-fetch-user fetch metadata
header indicates whether or not a navigation request was triggered by a user activation.
...
header type fetch metadata request
header forbidden
header name yes, since it has prefix sec- cors-safelisted request
header syntax sec-fetch-user: ?0 sec-fetch-user: ?1 values the value is a boolean structured
header.
... examples todo specifications specification title fetch metadata request
headers the sec-fetch-user http request
header ...
Tk - HTTP
the tk response
header indicates the tracking status that applied to the corresponding request.
...
header type response
header forbidden
header name no syntax tk: !
... examples a tk
header for a resource that claims not to be tracking would look like: tk: n specifications specification status comment tracking preference expression (dnt)the definition of 'tk
header field' in that specification.
Upgrade-Insecure-Requests - HTTP
the http upgrade-insecure-requests request
header sends a signal to the server expressing the client’s preference for an encrypted and authenticated response, and that it can successfully handle the upgrade-insecure-requests csp directive.
...
header type request
header forbidden
header name no syntax upgrade-insecure-requests: 1 examples a client's request signals to the server that it supports the upgrade mechanisms of upgrade-insecure-requests: get / http/1.1 host: example.com upgrade-insecure-requests: 1 the server can now redirect to a secure version of the site.
... a vary
header can be used so that the site isn't served by caches to clients that don’t support the upgrade mechanism.
X-XSS-Protection - HTTP
the http x-xss-protection response
header is a feature of internet explorer, chrome and safari that stops pages from loading when they detect reflected cross-site scripting (xss) attacks.
...
header type response
header forbidden
header name no syntax x-xss-protection: 0 x-xss-protection: 1 x-xss-protection: 1; mode=block x-xss-protection: 1; report=<reporting-uri> 0 disables xss filtering.
... example block pages from loading when they detect reflected xss attacks: x-xss-protection: 1; mode=block php
header("x-xss-protection: 1; mode=block"); apache (.htaccess) <ifmodule mod_
headers.c>
header set x-xss-protection "1; mode=block" </ifmodule> nginx add_
header "x-xss-protection" "1; mode=block"; specifications not part of any specifications or drafts.
HEAD - HTTP
the http head method requests the
headers that would be returned if the head request's url was instead requested with the http get method.
... for example, if a url might produce a large download, a head request could read its content-length
header to check the filesize without actually downloading the file.
...if it has one anyway, that body must be ignored: any entity
headers that might describe the erroneous body are instead assumed to describe the response which a similar get request would have received.
Proxy servers and tunneling - HTTP
a common way to disclose this information is by using the following http
headers: the standardized
header: forwarded contains information from the client-facing side of proxy servers that is altered or lost when a proxy is involved in the path of the request.
... to provide information about the proxy itself (not about the client connecting to it), the via
header can be used.
... via added by proxies, both forward and reverse proxies, and can appear in the request
headers and the response
headers.
Redirections in HTTP - HTTP
redirect responses have status codes that start with 3, and a location
header holding the url to redirect to.
... when browsers receive a redirect, they immediately load the new url provided in the location
header.
...machine-readable choices are encouraged to be sent as link
headers with rel=alternate.
406 Not Acceptable - HTTP
the hypertext transfer protocol (http) 406 not acceptable client error response code indicates that the server cannot produce a response matching the list of acceptable values defined in the request's proactive content negotiation
headers, and that the server is unwilling to supply a default representation.
... proactive content negotiation
headers include: accept accept-charset accept-encoding accept-language in practice, this error is very rarely used.
... instead of responding using this error code, which would be cryptic for the end user and difficult to fix, servers ignore the relevant
header and serve an actual page to the user.
412 Precondition Failed - HTTP
this happens with conditional requests on methods other than get or head when the condition defined by the if-unmodified-since or if-none-match
headers is not fulfilled.
... status 412 precondition failed examples etag: "33a64df551425fcc55e4d42a148795d9f25f89d4" etag: w/"0815" avoiding mid-air collisions with the help of the etag and the if-match
headers, you can detect mid-air edit collisions.
... for example, when editing mdn, the current wiki content is hashed and put into an etag in the response: etag: "33a64df551425fcc55e4d42a148795d9f25f89d4" when saving changes to a wiki page (posting data), the post request will contain the if-match
header containing the etag values to check freshness against.
Template literals (Template strings) - JavaScript
in es5: let classes = '
header'; classes += (islargescreen() ?
... ' icon-expander' : ' icon-collapser'); in es2015 with template literals and without nesting: const classes = `
header ${ islargescreen() ?
...'icon-expander' : 'icon-collapser') }`; in es2015 with nested template literals: const classes = `
header ${ islargescreen() ?
Same-origin policy - Web security
due to the relaxed syntax rules of css, cross-origin css requires a correct content-type
header.
...sites can use the x-frame-options
header to prevent cross-origin framing.
...browsers may not respect the content-type
header.
Reddit Example - Archive of obsolete content
if (t.nodename != "a") return; // don't intercept the click if it was on one of the links in the
header // or next/previous footer, since those links should load in the panel itself.
... if ($(t).parents('#
header').length || $(t).parents('.nextprev').length) return; // intercept the click, passing it to the addon, which will load it in a tab.
page-worker - Archive of obsolete content
for example, this add-on loads a page from wikipedia, and runs a content script in it to send all the
headers back to the main add-on code: var pageworkers = require("sdk/page-worker"); // this content script sends
header titles from the page to the add-on: var script = "var elements = document.queryselectorall('h2 > span'); " + "for (var i = 0; i < elements.length; i++) { " + " postmessage(elements[i].textcontent) " + "}"; // create a page worker that loads wi...
...so if your content script is saved under data as "my-script.js", you need a line like <script src="my-script.js"></script> in the page
header.
Connecting to Remote Content - Archive of obsolete content
sometimes the server doesn't specify an xml content-type
header, which is necessary for the xml parsing to happen automatically.
... request.open("post", url, true); request.setrequest
header("content-type", "application/x-www-form-urlencoded"); request.send("data=hello&version=2"); the third parameter for the open method specifies whether the request should be handled asynchronously or not.
Promises - Archive of obsolete content
"post" : "get"; if (options.mimetype) xhr.overridemimetype(params.options); xhr.open(options.method || defaultmethod, url); if (options.responsetype) xhr.responsetype = options.responsetype; for (let
header of object.keys(options.
headers || {})) xhr.setrequest
header(
header, options.
headers[
header]); let data = options.data; if (data && object.getprototypeof(data).constructor.name == "object") { options.data = new formdata; for (let key of object.keys(data)) options.data.append(key, data[key]); } xhr.send(options.da...
...ta); }); } example usage: task.spawn(function* () { let request = yield request("http://example.com/", { method: "put", mimetype: "application/json",
headers: { "x-species": "hobbit" }, data: { foo: new file(path), thing: "stuff" }, responsetype: "json" }); console.log(request.response["json-key"]); }); ...
Installing Dehydra - Archive of obsolete content
mkdir gcc-objdir mkdir gcc-dist cd gcc-objdir ../gcc-4.5.3/configure --disable-bootstrap --enable-languages=c,c++ --prefix=$pwd/../gcc-dist make make install building dehydra and treehydra building dehydra requires spidermonkey development
headers from the previous step.
...(obsolete dehydra releases can be found on the mozilla ftp site.) hg clone http://hg.mozilla.org/rewriting-and-analysis/dehydra/ cd dehydra export cxx=/usr/bin/g++ ./configure \ --js-
headers=$home/obj-js/dist/include \ --js-libs=$home/obj-js make # run dehydra and treehydra tests make check usage dehydra checking can be performed directly within the mozilla build.
Running Tamarin performance tests - Archive of obsolete content
file --notimecheck do not recompile .abc if timestamp is older than .as --java location of java executable (default=java) --javaargs arguments to pass to java --random run tests in random order --seed explicitly specify random seed for --random -s --avm2 second avmplus command to use --avmname nickname for avm to use as column
header --avm2name nickname for avm2 to use as column
header --detail display results in 'old-style' format --raw output all raw test values -i --iterations number of times to repeat test -l --log logs results to a file -k --socketlog logs results to a socket server -r --runtime name of the runtime vm used, including switch info eg.
... see the file
header for details testing the android shell the instructions above apply to running tests on an android device as well, but with a few differences.
Using XPInstall to Install Plugins - Archive of obsolete content
when serving xpi packages from servers to clients, make sure that xpi packages are served with this mime type in the http
headers.
...when serving xpi packages from servers to clients, make sure that xpi packages are served with this mime type in the http
headers.
Using Multiple Queries to Generate More Results - Archive of obsolete content
a
header class is used to distinguish the content, although you could use exactly the same content if you wish.
... <template> <queryset> <query> <content uri="?start"/> <member container="?start" child="?item"/> </query> <rule> <binding subject="?item" predicate="http://purl.org/dc/elements/1.1/title" object="?title"/> <action> <label uri="?item" value="?title" class="
header"/> </action> </rule> </queryset> <queryset> <query> <content uri="?start"/> <triple subject="?start" predicate="http://www.xulplanet.com/rdf/people" object="?people"/> <member container="?people" child="?item"/> </query> <rule> <binding subject="?item" predicate="http://purl.org/dc/elements/1.1/title" object="?title"/> <action> <label uri="?item" value="?title"/> </action> </rule> </queryset> </template> you can vi...
Styling a Tree - Archive of obsolete content
styling the tree you can style the tree border and the column
headers in the same way as other elements.
...adding a style to the treecol element does not cause the style to be applied to the column but only to the
header.
Using Remote XUL - Archive of obsolete content
with php you can send the mime-type with the
header() function.
... <?php
header('content-type: application/vnd.mozilla.xul+xml'); ?> <!-- xul markup starts here --> note that you don't need a web server for this tutorial; you can load the document you create on your computer via a "file" url or the "open file" function of your browser.
XUL accessibility guidelines - Archive of obsolete content
the column picker and column
headers in xul trees are not keyboard accessible, consistent with the standard tree behavior on most contemporary operating systems.
...because column
headers and the column picker, in the upper right hand corner of the tree, can not receive focus, they are not operable with a keyboard.
description - Archive of obsolete content
attributes crop, disabled, tabindex value properties accessibletype, crop, disabled, tabindex, value style classes
header, indent, monospace, plain, small-margin examples this is a long section of text that will word wrap when displayed <description> this is a long section of text that will word wrap when displayed.
...ldnodes(), insertbefore(), isdefaultnamespace(), isequalnode, issamenode, issupported(), lookupnamespaceuri, lookupprefix, normalize(), queryselector(), queryselectorall(), removeattribute(), removeattributenode(), removeattributens(), removechild(), removeeventlistener(), replacechild(), setattribute(), setattributenode(), setattributenodens(), setattributens(), setuserdata style classes
header a class used for headings.
dialog - Archive of obsolete content
ceptdialog, canceldialog, centerwindowonscreen, getbutton, movetoalertposition examples <?xml version="1.0"?> <?xml-stylesheet href="chrome://global/skin/global.css" type="text/css"?> <dialog id="donothing" title="dialog example" xmlns="http://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul" buttons="accept,cancel" buttonlabelcancel="cancel" buttonlabelaccept="save"> <dialog
header title="options" description="my preferences"/> <groupbox> <caption label="colour"/> <radiogroup> <radio label="red"/> <radio label="green" selected="true"/> <radio label="blue"/> </radiogroup> <label value="nickname"/> <textbox/> </groupbox> </dialog> attributes activetitlebarcolor type: color string specify background color of the window's titleb...
... related elements dialog
header ...
label - Archive of obsolete content
attributes accesskey, control, crop, disabled, href, value properties accesskey, accessibletype, control, crop, disabled, value style classes
header, indent, monospace, plain, small-margin, text-link examples <label value="email address" control="email"/> <textbox id="email"/> attributes accesskey type: character this should be set to a character that is used as a shortcut key.
...
header a class used for headings.
listbox - Archive of obsolete content
tion, movebyoffset, removeitemat, removeitemfromselection, scrolltoindex, selectall, selectitem, selectitemrange, timedselect, toggleitemselection examples <listbox id="thelist"> <listitem label="ruby"/> <listitem label="emerald"/> <listitem label="sapphire" selected="true"/> <listitem label="diamond"/> </listbox> <listbox id="thelist" rows="10" width="400"> <listhead> <list
header label="1ct gem" width="240"/> <list
header label="price" width="150"/> </listhead> <listcols> <listcol/> <listcol flex="1"/> </listcols> </listbox> var thelist = document.getelementbyid('thelist'); gems = [ {gem: "ruby", price: "$3,500 - $4,600"}, {gem: "emerald", price: "$700 - 4,250"}, {gem: "blue sapphire", price: "$3,400 - $4,500"}, {ge...
... related elements listcell, listcol, listcols, listhead, list
header, listitem interfaces nsiaccessibleprovider, nsidomxulmultiselectcontrolelement ...
listcol - Archive of obsolete content
examples example <!-- a two column listbox with one column flexible --> <listbox> <listhead> <list
header label="first"/> <list
header label="last"/> </listhead> <listcols> <listcol flex="1"/> <listcol/> </listcols> <listitem> <listcell label="buck"/> <listcell label="rogers"/> </listitem> <listitem> <listcell label="john"/> <listcell label="painter"/> </listitem> </listbox> attributes inherited from xul element align, allowevents, allownegativeassertions, class, coalesceduplicatearcs, collapsed, container, containment, context, contextmenu, datasources...
..., isequalnode, issamenode, issupported(), lookupnamespaceuri, lookupprefix, normalize(), queryselector(), queryselectorall(), removeattribute(), removeattributenode(), removeattributens(), removechild(), removeeventlistener(), replacechild(), setattribute(), setattributenode(), setattributenodens(), setattributens(), setuserdata related elements listbox, listcell, listcols, listhead, list
header, listitem ...
Dialogs in XULRunner - Archive of obsolete content
"accept,cancel" buttonlabelaccept="set favorite" buttonaccesskeyaccept="s" ondialogaccept="return dosave();" buttonlabelcancel="cancel" buttonaccesskeycancel="n" ondialogcancel="return docancel();"> <script> function dosave(){ //dosomething() return true; } function docancel(){ return true; } </script> <dialog
header title="my dialog" description="example dialog"/> <groupbox flex="1"> <caption label="select favorite fruit"/> <radiogroup> <radio id="1" label="oranges because they are fruity"/> <radio id="2" selected="true" label="strawberries because of color"/> <radio id="3" label="bananna because it pre packaged"/> </radiogroup> </groupbox> </dialog> xul window elements h...
...not too sure if i’ll use the <dialog
header>, but if i did, the single element would be a big time saver over building the
header from scratch.
Using SOAP in XULRunner 1.9 - Archive of obsolete content
exml); --- > var jsout = xmlobjectifier.xmltojson(xdata.responsexml); 46,60c46,62 < $.ajax({ < type: "post", < url: soapclient.proxy, < datatype: "xml", < processdata: false, < data: content, < complete: getresponse, < contenttype: soapclient.contenttype + "; charset=\"" + soapclient.charset + "\"", < beforesend: function(req) { < req.setrequest
header("method", "post"); < req.setrequest
header("content-length", soapclient.contentlength); < req.setrequest
header("soapserver", soapclient.soapserver); < req.setrequest
header("soapaction", soapreq.action); < } < }); --- > var xhr = new xmlhttprequest(); > xhr.mozbackgroundrequest = true; > xhr.open('post', soapclient.proxy, true); > xhr.onreadystatechange = fu...
...nction() { > if (4 != xhr.readystate) { return; } > getresponse(xhr); > }; > var
headers = { > 'method': 'post', > 'content-type': soapclient.contenttype + '; charset="' + > soapclient.charset + '"', > 'content-length': soapclient.contentlength, > 'soapserver': soapclient.soapserver, > 'soapaction': soapreq.action > }; > for (var h in
headers) { xhr.setrequest
header(h,
headers[h]); } > xhr.send(content); ...
nsIContentPolicy - Archive of obsolete content
shouldprocess() will get this for, for example <meta> refresh elements and http refresh
headers.
... return value accept or reject_* example you can implement this interface easily by including the nsicontentpolicy.h
header file and implementing public nsicontentpolicy into your class, like this: // put this into your
header file #include "_path_to_sdk/include/content/nsicontentpolicy.h" class myclass: public nsisupports, public nsicontentpolicy { ...
Writing a plugin for Mac OS X - Archive of obsolete content
xp_macosx it's important to define the gcc preprocessor definition xp_macosx to 1; this is used by the npapi
headers to build properly on mac os x.
... if you want to implement your plugin in c++ or objective-c++, you need to tell the compiler to export them in c format by using extern "c" in the
header, like this: #pragma gcc visibility push(default) extern "c" { nperror np_initialize(npnetscapefuncs *browserfuncs); nperror np_getentrypoints(nppluginfuncs *pluginfuncs); void np_shutdown(void); } #pragma gcc visibility pop you can check to be sure your symbols are visible and in standard c format by using the nm utility provided among the mac os x developer tools: [user@foo mymac] nm...
TCP/IP Security - Archive of obsolete content
at each layer, the logical units are typically composed of a
header and a payload.
... the payload consists of the information passed down from the previous layer, while the
header contains layer-specific information such as addresses.
Browser Feature Detection - Archive of obsolete content
true pitch true false false pitchrange true false true playduring false false false position true true true quotes true false true richness true false false right true true true size true false true speak true false true speak
header true false false speaknumeral true false false speakpunctuation true false false speechrate true false true stress true false false tablelayout true true true textshadow true false true top true true true unicodebidi true true true visib...
...pported': false}, {name: 'pitch', 'supported': false}, {name: 'pitchrange', 'supported': false}, {name: 'playduring', 'supported': false}, {name: 'position', 'supported': false}, {name: 'quotes', 'supported': false}, {name: 'richness', 'supported': false}, {name: 'right', 'supported': false}, {name: 'size', 'supported': false}, {name: 'speak', 'supported': false}, {name: 'speak
header', 'supported': false}, {name: 'speaknumeral', 'supported': false}, {name: 'speakpunctuation', 'supported': false}, {name: 'speechrate', 'supported': false}, {name: 'stress', 'supported': false}, {name: 'tablelayout', 'supported': false}, {name: 'textshadow', 'supported': false}, {name: 'top', 'supported': false}, {name: 'unicodebidi', 'supported': false}, {name: 'visibility', 's...
display-outside - Archive of obsolete content
/* keyword values */ display-outside: block-level; display-outside: inline-level; display-outside: run-in; display-outside: contents; display-outside: none; display-outside: table-row-group; display-outside: table-
header-group; display-outside: table-footer-group; display-outside: table-row; display-outside: table-cell; display-outside: table-column-group; display-outside: table-column; display-outside: table-caption; display-outside: ruby-base; display-outside: ruby-text; display-outside: ruby-base-container; display-outside: ruby-text-container; /* global values */ display-outside: inherit; display-outside: in...
... table-row-group, table-
header-group, table-footer-group, table-row, table-cell, table-column-group, table-column, table-caption the element is an internal table element, and participates in a table layout context.
Writing JavaScript for XHTML - Archive of obsolete content
we can do this on server side by evaluating the http request
header.
... in php, for example, you would write something like this: if( strpos( $_server['http_accept'], "application/xhtml+xml" ) ) {
header( "content-type: application/xhtml+xml" ); echo '<?xml version="1.0" ?>'."\n"; } else {
header( "content-type: text/html" ); } this distinction also sends the xml declaration, which is strongly recommended, when the document is an xml file.
Implementation Status - Archive of obsolete content
xforms submission model section title status notes bugs 11.1 submission partial from 1.1 we do not yet support @mode, @indent, @replace='text', @separator, @serialize, @target,
header or method child elements 11.2 xforms-submit partial we currently limit (for security reasons) submission only back to the server that served the document.
... 11.3 xforms-submit-serialize supported 11.4 xforms-submit-done supported 11.5 xforms-submit-error supported 11.6.1 resource supported 11.7.1 method unsupported 11.8
header unsupported 11.8.1 name unsupported 11.8.2 value unsupported 11.9 submission options supported 11.9.1 the get submission method supported 11.9.2 the post, multipart-post, form-dat...
Plug-in Development Overview - Gecko Plugin API Reference
in addition to the dll that goes in the plugins folder, you must also place a type library and an extra
header file in the appropriate places in your application directory.
... building, platforms, and compilers the
header files and some basic examples for npapi plugins are found in the npapi-sdk project (google code).
HTTP/2 - MDN Web Docs Glossary: Definitions of Web-related terms
the primary goals for http/2 are to reduce latency by enabling full request and response multiplexing, minimize protocol overhead via efficient compression of http
header fields, and add support for request prioritization and server push.
...all the core concepts found in http 1.1, such as http methods, status codes, uris, and
header fields, remain in place.
Semantics - MDN Web Docs Glossary: Definitions of Web-related terms
irrors proper custom element/component naming when approaching which markup to use, ask yourself, "what element(s) best describe/represent the data that i'm going to populate?" for example, is it a list of data?; ordered, unordered?; is it an article with sections and an aside of related information?; does it list out definitions?; is it a figure or image that needs a caption?; should it have a
header and a footer in addition to the global site-wide
header and footer?; etc.
... semantic elements these are some of the roughly 100 semantic elements available: <article> <aside> <details> <figcaption> <figure> <footer> <
header> <main> <mark> <nav> <section> <summary> <time> learn more html element reference on mdn using html sections and outlines on mdn the meaning of semantics in computer science on wikipedia ...
User agent - MDN Web Docs Glossary: Definitions of Web-related terms
along with each request they make to the server, browsers include a self-identifying user-agent http
header called a user agent (ua) string.
... learn more general knowledge user agent on wikipedia technical reference navigator.useragent browser detection using the user agent rfc 2616: 14.43: the user-agent
header ...
Creating hyperlinks - Learn web development
in fact, any standard mail
header fields can be added to the mailto url you provide.
... the most commonly used of these are "subject", "cc", and "body" (which is not a true
header field, but allows you to specify a short content message for the new email).
Structuring a page of content - Learn web development
it needs to have: a
header spanning the full width of the site containing the main title for the page, the site logo, and the navigation menu.
... you need to add a suitable wrapper for: the
header the navigation menu the main content the welcome text the image sidebar the footer you should also: apply the provided css to the page by adding another <link> element just below the existing one provided at the start.
Mozilla splash page - Learn web development
you'll also link to the firefox logo in the site
header.
... adding a logo to the
header inside the <
header> element, add an <img> element that will embed the small version of the firefox logo in the
header.
Client-side storage - Learn web development
you can find the example html at personal-greeting.html — this contains a simple website with a
header, content, and footer, and a form for entering your name.
...you'll see that the html is pretty simple: a web site with a
header and footer, as well as a main content area that contains a place to display notes, and a form for entering new notes into the database.
Handling common JavaScript problems - Learn web development
this is supposed to be fetched from an external .json file using the following xmlhttprequest call: let requesturl = 'https://mdn.github.io/learning-area/javascript/oojs/json/superheroes.json'; let request = new xmlhttprequest(); request.open('get', requesturl); request.send(); let superheroes = request.response; populate
header(superheroes); showheroes(superheroes); but this fails.
...let's fix this problem by running the code once the load event has been fired — remove the console.log() line, and update this code block: let superheroes = request.response; populate
header(superheroes); showheroes(superheroes); to the following: request.onload = function() { let superheroes = request.response; populate
header(superheroes); showheroes(superheroes); } to summarize, anytime something is not working and a value does not appear to be what it is meant to be at some point in your code, you can use console.log() to print it out and see what is happening.
Gecko info for Windows accessibility vendors
unique features role_table html: <table> dhtml: role="wairole:grid" (in this case state_focusable is set) accname is supported via <caption> first child of table or summary attribute role_column
header xul: tree column
headers html: <th> dhtml: role="wairole:col
header" role_row
header dhtml: role="wairole:row
header" role_column not supported.
...you must make a
header files for them, by running these commands: midl isimpledomnode.idl midl isimpledomtext.idl midl isimpledomdocument.idl that will generate isimpledomnode.h and isimpledomdocument.h, which define the interfaces.
Mozilla’s UAAG evaluation report
html: scope attribute (table): available through dom html:
headers attribute (table): available through dom html: axis attribute (table): available through dom html: tabindex attribute: yes, can be used to order sequential navigation html: accesskey attribute: supported with alt-{key}, menu key conflict favor the accesskey?
...(p1) ni we don't make use of scope,
headers, axis, or any other table accessibility features we have nothing under properties, or anywhere else, to orient users reading a table 10.2 highlight selection and content focus.
HTTP logging
logging only http request and response
headers there are two ways to do this: replace moz_log=nshttp:5 with moz_log=nshttp:3 in the commands above.
... there's a handy extension for firefox called http
header live that you can use to capture just the http request and response
headers.
Makefile - targets
compile firefox, thunderbird, etc check standalone shell unit test invoked directly by make configure launch the configure program to define
headers and and attributes for the target build machine.
... export generate and install exported
headers: exports makefiles target used to only regenerate makefiles package generate a package tarball clean targets clean remove object files, binaries and generated content clobber alias for clean distclean clean + configure cleanup ...
Displaying Places information using views
return this._getcelltext(arowindex, acol); }; view._cycle
header = view.cycle
header; view.cycle
header = function (acol) { switch (acol.id || acol.element.getattribute("anonid")) { case "fulluri": case "indexinparent": case "parity": // you might resort by column here.
... break; default: this._cycle
header(acol); break; } }; // execute a query and gets its result.
HTTP Cache
contextinfo.idl it is a helper interface wrapping following four arguments into a single one: private-browsing boolean flag anonymous load boolean flag app id number (0 for no app) is-in-browser boolean flag helper functions to create nsiloadcontextinfo objects: c++ consumers: functions at loadcontextinfo.h exported
header js consumers: resource://gre/modules/loadcontextinfo.jsm module methods two storage objects created with the same set of nsiloadcontextinfo arguments are identical, containing the same cache entries.
... in this case, the content-length (or different indicator)
header doesn't equal to the data size reported by the cache entry.
IPDL Tutorial
the ipdl compiler generates several c++
headers from each ipdl protocol.
... generated c++ code when pplugin.ipdl is compiled, the
headers ppluginparent.h, and ppluginchild.h will be generated in the ipc/ipdl/_ipdl
headers/ directory of the build tree.
Index
/* nspr
headers */ #include <prprf.h> #include <prtypes.h> #include <plgetopt.h> #include <prio.h> #include <prprf.h> /* nss
headers */ #include <secoid.h> #include <secmodt.h> #include <sechash.h> typedef struct { const char *hashname; secoidtag oid; } nametagpair; /* the hash algorithms supported */ static const nametagpair hash_names[] = { { "md2", sec_oid_md2 }, { "md5...
... -h num generate email
headers with info about cms message (decode only).
NSS_3.12.2_release_notes.html
the tar.gz or zip file expands to an nss-3.12.2 directory containing three subdirectories: include - nss
header files lib - nss shared libraries bin< - nss tools and test programs you also need to download the nspr 4.7.1 binary distributions to get the nspr 4.7.1
header files and shared libraries, which nss 3.12.2 requires.
... bug 432260: [[@ pkix_pl_httpdefaultclient_hdrcheckcomplete - pkix_pl_memcpy] crashes when there is no content-length
header in the http response bug 436599: pkix: aia extension is not used in some bridge ca / known certs configuration bug 437804: certutil -r for cert renewal should derive the subject from the cert if none is specified.
NSS 3.12.6 release notes
you also need to download the nspr 4.8.4 binary distributions to get the nspr 4.8.4
header files and shared libraries, which nss 3.12.6 requires.
...x_hash throws a null-argument exception on empty strings bug 530907: the peerid argument to ssl_setsockpeerid should be declared const bug 531188: decompression failure with https://livechat.merlin.pl/ bug 532417: build problem with spaces in path names bug 534943: clean up the makefiles in lib/ckfw/builtins bug 534945: lib/dev does not need to include
headers from lib/ckfw bug 535669: move common makefile code in if and else to the outside bug 536023: der_utctimetotime and der_generalizedtimetotime ignore all bytes after an embedded null bug 536474: add support for logging pre-master secrets bug 537356: implement new safe ssl3 & tls renegotiation bug 537795: nss_initcontext does not work with nss_registers...
NSS 3.28.3 release notes
compatibility nss 3.28.3 shared libraries are backward compatible with most older nss 3.x shared libraries, but depending on your application, may be incompatible, if you application has been compiled against
header files of versions 3.28, 3.28.1, or 3.28.2.
... if you had compiled your application against
header files of nss 3.28, nss 3.28.1 or nss 3.28.2, it it recommended that you recompile your application against nss 3.28.3, at the time you upgrade to nss 3.28.3.
NSS 3.29.1 release notes
compatibility nss 3.29.1 shared libraries are backward compatible with most older nss 3.x shared libraries, but depending on your application, may be incompatible, if you application has been compiled against
header files of versions 3.28, 3.28.1, 3.28.2 nss 3.29.1.
... if you had compiled your application against
header files of nss 3.28, nss 3.28.1, nss 3.28.2 or nss 3.29, it it recommended that you recompile your application against nss 3.29.1 (or nss 3.28.3), at the time you upgrade to nss 3.29.1 (or nss 3.28.3).
NSS Sample Code Utilities_1
ii) { /* first convert ascii to binary */ secitem filedata; char *asc, *body; /* read in ascii data */ rv = filetoitem(&filedata, infile); asc = (char *)filedata.data; if (!asc) { pr_fprintf(pr_stderr, "unable to read data from input file\n"); rv = secfailure; goto cleanup; } /* check for
headers and trailers and remove them */ if ((body = strstr(asc, "-----begin")) != null) { char *trailer = null; asc = body; body = port_strchr(body, '\n'); if (!body) body = port_strchr(asc, '\r'); /* maybe this is a mac file */ if (body) trailer = strstr(++body, "-----end"); if (trailer != nu...
...ll) { *trailer = '\0'; } else { pr_fprintf(pr_stderr, "input has
header but no trailer\n"); port_free(filedata.data); rv = secfailure; goto cleanup; } } else { body = asc; } /* convert to binary */ rv = atob_convertasciitoitem(der, body); if (rv) { pr_fprintf(pr_stderr, "error converting ascii to binary %s\n", port_geterror()); port_free(filedata.data); rv = secfailure; goto cleanup; } port_free(filedata.data); } else { /* read in binary der */ rv = filetoitem(der, infile); if (rv) { pr_fprintf(pr_stderr, "error c...
Utilities for nss samples
ii) { /* first convert ascii to binary */ secitem filedata; char *asc, *body; /* read in ascii data */ rv = filetoitem(&filedata, infile); asc = (char *)filedata.data; if (!asc) { pr_fprintf(pr_stderr, "unable to read data from input file\n"); rv = secfailure; goto cleanup; } /* check for
headers and trailers and remove them */ if ((body = strstr(asc, "-----begin")) != null) { char *trailer = null; asc = body; body = port_strchr(body, '\n'); if (!body) body = port_strchr(asc, '\r'); /* maybe this is a mac file */ if (body) trailer = strstr(++body, "-----end"); if (trailer != nu...
...ll) { *trailer = '\0'; } else { pr_fprintf(pr_stderr, "input has
header but no trailer\n"); port_free(filedata.data); rv = secfailure; goto cleanup; } } else { body = asc; } /* convert to binary */ rv = atob_convertasciitoitem(der, body); if (rv) { pr_fprintf(pr_stderr, "error converting ascii to binary %s\n", port_geterror()); port_free(filedata.data); rv = secfailure; goto cleanup; } port_free(filedata.data); } else { /* read in binary der */ rv = filetoitem(der, infile); if (rv) { pr_fprintf(pr_stderr, "error c...
Installation guide
our makefiles also have an "install" target, but it has a different meaning: our "install" means installing the
headers, libraries, and programs in the appropriate directories under mozilla/dist.
... so right now you need to manually install the
headers, libraries, and programs in the directories you want.
Sample manual installation
the nss build system does not include a target to install
header files and shared libraries in the system directories, so this needs to be done manually.
... after building nss with "gmake nss_build_all", the resulting build can be found in the nss source tree as follows: nss
header files: mozilla/dist/public/nss nspr
header files: mozilla/dist/<obj-dir>/include nspr/nss shared libs: mozilla/dist/<obj-dir>/lib nss binary executables: mozilla/dist/<obj-dir>/bin.
sslintro.html
warning: some of the ssl
header files provided as part of nss 2.0 include both public apis documented in the nss 2.0 documentation set and private apis intended for internal use by the nss implementation of ssl.
...other apis that may be exposed in the
header files are not supported for application use.
Installing Pork
elsa (the c++ parser in pork) has a hard time with some of the new features used in later gcc c++
headers.
...-f gcc${gcc_maj_ver}${gcc_min_ver}_predef_std.h; then - echo " generating g*.h
header files" - ${cc} -e -xc -dm /dev/null | sort | grep ' *#define *_' \ + echo " generating g*.h
header files: ${cppflags}" + ${cc} ${cppflags} -e -xc -dm /dev/null | sort | grep ' *#define *_' \ > gcc${gcc_maj_ver}${gcc_min_ver}_predef_std.h - ${cc} -e -xc -dm /dev/null | sort | grep -e ' *#define *[a-za-z]+' \ + ${cc} ${cppflags} -e -xc -dm /dev/null | sor...
Index
full documentation of how to define a jsnative (or a jsfastnative, the equivalent typedef which preceded it) is available in the api
header "js/callargs.h" added in spidermonkey 24.
... this
header is new, but the semantics it describes are applicable to all recent spidermonkey releases.
JSNative
full documentation of how to define a jsnative (or a jsfastnative, the equivalent typedef which preceded it) is available in the api
header "js/callargs.h" added in spidermonkey 24.
... this
header is new, but the semantics it describes are applicable to all recent spidermonkey releases.
Parser API
all binding forms (such as function parameters, variable declarations, and catch block
headers) accept array and object destructuring patterns in addition to plain identifiers.
...in binding positions (such as function parameters, variable declarations, and catch
headers), patterns can only be identifiers in the base case, not arbitrary expressions.
Gecko events
event_table_row_
header_changed a table's row
header changed.
...event_table_column_
header_changed a table's column
header changed.
ROLE_TABLE
« gecko roles page represents a table that contains rows and columns of cells, and optionally, row
headers and column
headers.
... also refer to the following roles: role_column
header, role_row
header, role_column, role_row, role_cell.
XPCOM glue
compiling or linking against xpcom
headers there are three ways to compile/link against xpcom
headers/libraries: frozen linkage: dependent glue (dependent on xpcom.dll) xpcom modules, i.e.
... sample compiler/linker flags code compiled using xpcom
headers should always #include "xpcom-config.h" from the sdk, to ensure that xpcom #defines are correct.
Creating the Component Code
for example, mozilla_strict_api is a variable that shields you from certain private, non-xpcom
headers.
... for example, including nsicomponentmanager.idl without mozilla_strict_api defined will include the following
headers, which are not supported across versions (unfrozen): nscomponentmanagerutils.h nscomponentmanagerobsolete.h these variables are picked up by files that do not specify themselves as mozilla_strict_api.
Monitoring HTTP activity
tivityobserver = components.interfaces.nsihttpactivityobserver; var httpobserver = { observeactivity: function(ahttpchannel, aactivitytype, aactivitysubtype, atimestamp, aextrasizedata, aextrastringdata) { if (aactivitytype == nsihttpactivityobserver.activity_type_http_transaction) { switch(aactivitysubtype) { case nsihttpactivityobserver.activity_subtype_response_
header: // received response
header break; case nsihttpactivityobserver.activity_subtype_response_complete: // received complete http response break; } } } }; then you need to install your activity observer.
...these include the ability to monitor outgoing http request
headers and bodies as well as incoming http
headers and complete http transactions.
nsIAccessibleEvent
event_table_row_
header_changed 0x0040 0x003c a table's row
header changed.
... event_table_column_
header_changed 0x0045 0x0041 a table's column
header changed.
nsIAccessibleTable
note: renamed from columns in gecko 1.9.2 column
header nsiaccessibletable read only.
...note: renamed from rows in gecko 1.9.2 row
header nsiaccessibletable read only.
nsIAccessibleTableCell
column
headercells nsiarray return an array of column
header cells for this cell.
... row
headercells nsiarray return an array of row
header cells for this cell.
nsICookieService
setcookiestring() will query the documenturi property off of nsihttpchannelinternal if supported, and setcookiestring() could also query the date
header from the channel if achannel supports nsihttpchannel.
... aservertime the expiry information of the cookie (the date
header from the http response).
nsIHttpServer
* * @throws ns_error_invalid_arg * if the given type is not a valid
header field value, i.e.
... if it doesn't * match the field-value production in rfc 2616 * @note * no syntax checking is done of the given type, beyond ensuring that it is * a valid
header field value.
nsILoginManager
ahttprealm for protocol logins, specify the http realm for which the login applies; this is obtained from the www-authenticate
header (see rfc 2617).
... ahttprealm for protocol logins, specify the http realm for which the login applies; this is obtained from the www-authenticate
header (see rfc 2617).
nsIMsgCompFields
(bug 249530) newsgroups astring newshost char * newsposturl char * organization astring otherrandom
headers astring no longer exists - see https://groups.google.com/forum/#!topic/mozilla.dev.apps.thunderbird/s4ofmm8_b28 priority char * receipt
headertype print32 references char * replyto astring securityinfo nsisupports subject astring templatename astring temporaryfiles...
...ersion ( out char * fallbackcharset ); nsimsgrecipientarray splitrecipients ( in prunichar * recipients, in prbool emailaddressonly ); void convertbodytoplaintext ( ); attachment handling methods void addattachment ( in nsimsgattachment attachment ); void removeattachment ( in nsimsgattachment attachment ); void removeattachments ( );
header methods void set
header(char* name, char* value); references this interface is the type of the following properties: nsimsgcompose.compfields, nsimsgcomposeparams.composefields this interface is passed as an argument to the following methods: nsimsgcomposesecure.begincryptoencapsulation, nsimsgcomposesecure.requirescryptoencapsulation, nsimsgsend.createandsendmessage, nsimsgs...
nsIMsgFilter
m action associated with customid // (which must be set prior to reading this attribute) readonly attribute nsimsgfiltercustomaction customaction; methods addterm() void nsimsgfilter::addterm ( in nsmsgsearchattribvalue attrib, in nsmsgsearchopvalue op, in nsimsgsearchvalue value, in boolean booleanand, in acstring arbitrary
header ) getterm() void nsimsgfilter::getterm ( in long termindex, in nsmsgsearchattribvalue attrib, in nsmsgsearchopvalue op, in nsimsgsearchvalue value, out boolean booleanand, out acstring arbitrary
header ) appendterm() void nsimsgfilter::appendterm (in nsimsgsearchterm term) createterm() nsimsgsearc...
...hterm nsimsgfilter::createterm ( ) matchhdr() void nsimsgfilter::matchhdr ( in nsimsgdbhdr msghdr, in nsimsgfolder folder, in nsimsgdatabase db, in string
headers, in unsigned long
headersize, out boolean result ) logrulehit() void nsimsgfilter::logrulehit ( in nsimsgruleaction afilteraction, in nsimsgdbhdr a
header ) createaction() nsimsgruleaction nsimsgfilter::createaction ( ) getactionat() nsimsgruleaction nsimsgfilter::getactionat (in long aindex) appendaction() void nsimsgfilter::appendaction (in nsimsgruleaction action ) clearactionlist() void nsimsgfilter::clearactionlist() getsortedactionlist() void nsimsgfilter::getsortedactionlist (in nsisupportsarray actionlist) ...
nsIMsgFilterList
defined in comm-central/ mailnews/ base/ search/ public/ nsimsgfilterlist.idl attributes folder attribute nsimsgfolder nsimsgfilterlist::folder version readonly attribute short nsimsgfilterlist::version arbitrary
headers readonly attribute acstring nsimsgfilterlist::arbitrary
headers shoulddownloadall
headers readonly attribute boolean nsimsgfilterlist::shoulddownloadall
headers filtercount readonly attribute unsigned long nsimsgfilterlist::filtercount loggingenabled attribute boolean nsimsgfilterlist::loggingenabled defaultfile attribute nsilocalfile nsimsgfilterlist::defaultfile logstream attribute nsioutputstream nsimsgfilterlist::logstream logurl readonly attribute acstring nsimsgfilterlist::logurl methods getfilterat() nsimsgfilter nsimsgfilterlist::getfilterat (in unsigned l...
...terlist::parsecondition ( in nsimsgfilter afilter, in string condition ) savetodefaultfile() void nsimsgfilterlist::savetodefaultfile ( ) applyfilterstohdr() void nsimsgfilterlist::applyfilterstohdr ( in nsmsgfiltertypetype filtertype, in nsimsgdbhdr msghdr, in nsimsgfolder folder, in nsimsgdatabase db, in string
headers, in unsigned long
headersize, in nsimsgfilterhitnotify listener, in nsimsgwindow msgwindow, in nsilocalfile amessagefile ) writeinattr() void nsimsgfilterlist::writeintattr ( in nsmsgfilterfileattribvalue attrib, in long value, in nsioutputstream stream ) writestrattr() void nsimsg...
nsIMsgWindow
msg
headersink nsimsg
headersink this allows the backend code to send message
header information to the ui.
... clearmsghdr whether or not the existing message pane and
header should be cleared before the html is displayed.
nsIRequest
consider, for example, a http response with a "cache-control: no-cache"
header.
...this means that things like authorization tokens or cookie
headers should not be added.
XPCOM Interface Reference
eamnsifileoutputstreamnsifilepickernsifileprotocolhandlernsifilespecnsifilestreamsnsifileurlnsifileutilitiesnsifileviewnsifocusmanagernsiformhistory2nsiframeloadernsiframeloaderownernsiframemessagelistenernsiframemessagemanagernsiframescriptloadernsigsettingscollectionnsigsettingsservicensigeolocationprovidernsigeolocationupdatensiglobalhistorynsiglobalhistory2nsiglobalhistory3nsihtmleditornsihttp
headerlistenernsihapticfeedbacknsihttpactivitydistributornsihttpactivityobservernsihttpchannelnsihttpchannelinternalnsihttp
headervisitornsihttpservernsihttpupgradelistenernsiidnservicensiiframeboxobjectnsiiniparsernsiiniparserfactorynsiiniparserwriternsiioservicensiidleservicensiinprocesscontentframemessagemanagernsiinputstreamnsiinputstreamcallbacknsiinstalllocationnsiinterfacerequestornsijscidnsijsidn...
...amnsimacdocksupportnsimarkupdocumentviewernsimemorynsimemorymultireporternsimemorymultireportercallbacknsimemoryreporternsimemoryreportermanagernsimenuboxobjectnsimessagebroadcasternsimessagelistenernsimessagelistenermanagernsimessagesendernsimessagewakeupservicensimessengernsimicrosummarynsimicrosummarygeneratornsimicrosummaryobservernsimicrosummaryservicensimicrosummarysetnsimimeconverternsimime
headersnsimodulensimsgaccountnsimsgaccountmanagerextensionnsimsgcompfieldsnsimsgcustomcolumnhandlernsimsgdbhdrnsimsgdbviewnsimsgdbviewcommandupdaternsimsgdatabasensimsgfilternsimsgfiltercustomactionnsimsgfilterlistnsimsgfoldernsimsg
headerparsernsimsgidentitynsimsgincomingservernsimsgmessageservicensimsgprotocolinfonsimsgruleactionnsimsgsearchcustomtermnsimsgsearchnotifynsimsgsearchscopetermnsimsgsearchs...
XPCOM
unless otherwise noted you register for the topics using the nsiobserverservice.setting http request
headershttp is one of the core technologies behind the web.
... in addition to the actual content, some important information is passed with http
headers for both http requests and responses.storagestorage is a sqlite database api.
Buddy icons in mail
seth spitzer mozilla is now able to show icons in the message
header area and the addressbook card pane.
... we do not show any buddy icon if you are in "collapsed"
header mode.
The libmime module
there is one
header file and one source file for each class (for example, the mimeinlinetext class is defined in "mimetext.h" and "mimetext.c".) each
header file follows the following boiler-plate form: typedefs these come first to avoid circular dependencies.
...lude file (which includes all necessary include files for the parent classes) and then we define the class object using the mimedefclass macro: #include "foobar.h" #define mime_superclass parentlclass mimedefclass(foobar, foobarclass, foobarclass, &mime_superclass); the definition of mime_superclass is just to move most of the knowlege of the exact class hierarchy up to the file's
header, instead of it being scattered through the various methods; see below.
Creating a Custom Column
his: <?xml version="1.0"?> <overlay id="sample" xmlns="http://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul"> <tree id="threadtree"> <treecols id="threadcols"> <splitter class="tree-splitter" /> <treecol id="colreplyto" persist="hidden ordinal width" currentview="unthreaded" flex="2" label="reply-to" tooltiptext="click to sort by the reply-to
header" /> </treecols> </tree> <!-- include our javascript file --> <script type="text/javascript" src="chrome://replyto_col/content/replyto_col.js"/> </overlay> that's it!
...getcelltext() is the text that is displayed to the user while getsort*forrow() is what is used internally when sorting by your column a simple implementation objects in javascript are just "advanced" variables, so an implementation of the nsimsgcustomcolumnhandler interface looks like: var columnhandler = { getcelltext: function(row, col) { //get the message's
header so that we can extract the reply to field var hdr = gdbview.getmsghdrat(row); return hdr.getstringproperty("replyto"); }, getsortstringforrow: function(hdr) {return hdr.getstringproperty("replyto");}, isstring: function() {return true;}, getcellproperties: function(row, col, props){}, getrowproperties: function(row, props){}, getimagesrc: fun...
Filter Incoming Mail
ded: function(amsghdr) { if( !amsghdr.isread ) { // here we are, a new mail has popped // let get a javascript string object from the subject property // querying mime conversion interface var mimeconvert = components.classes["@mozilla.org/messenger/mimeconverter;1"] .getservice(components.interfaces.nsimimeconverter); var subject = mimeconvert.decodemime
header(amsghdr.subject, null, false, true); // here with have a string to modify with javascript.
... by example, setting it to lower case subject = subject.tolocalelowercase(); // then we rebuild a subject objet by rencoding the string // and assign it to the message
headers and we're done amsghdr.subject = mimeconvert.encodemimepartiistr_utf8(subject, false, "utf-8", 0, 72); } } }; function init() { var notificationservice = components.classes["@mozilla.org/messenger/msgnotificationservice;1"] .getservice(components.interfaces.nsimsgfoldernotificationservice); notificationservice.addlistener(newmaillistener, notificationservice.msgadded); } addeventlistener("load", init, true); have a look to nsimsgdbhdr to get the full list of properties to be modified.
Plug-in Development Overview - Plugins
in addition to the dll that goes in the plugins folder, you must also place a type library and an extra
header file in the appropriate places in your application directory.
... building, platforms, and compilers the
header files and some basic examples for npapi plugins are found in the npapi-sdk project (google code).
Tips - Firefox Developer Tools
when a request is selected click "edit and resend" to modify its
headers and send it again.
... storage inspector right-click the column
headers to open a menu allowing to toggle the display of the columns.
Background Tasks API - Web APIs
</p> <div class="container"> <div class="label">decoding quantum filament tachyon emissions...</div> <progress id="progress" value="0"></progress> <div class="button" id="startbutton"> start </div> <div class="label counter"> task <span id="currenttasknumber">0</span> of <span id="totaltaskcount">0</span> </div> </div> <div class="logbox"> <div class="log
header"> log </div> <div id="log"> </div> </div> the progress box uses a <progress> element to show the progress, along with a label with sections that are changed to present numeric information about the progress.
... css content body { font-family: "open sans", "lucida grande", "arial", sans-serif; font-size: 16px; } .logbox { margin-top: 16px; width: 400px; height:500px; border-radius: 6px; border: 1px solid black; box-shadow: 4px 4px 2px black; } .log
header { margin: 0; padding: 0 6px 4px; height: 22px; background-color: lightblue; border-bottom: 1px solid black; border-radius: 6px 6px 0 0; } #log { font: 12px "courier", monospace; padding: 6px; overflow: auto; overflow-y: scroll; width: 388px; height: 460px; } .container { width: 400px; padding: 6px; border-radius: 6px; border: 1px solid black; box-shadow: 4px 4px 2px...
Cache.delete() - Web APIs
ignorevary: a boolean that, when set to true, tells the matching operation not to perform vary
header matching.
... in other words, if the url matches you will get a match regardless of whether the response object has a vary
header.
Cache.matchAll() - Web APIs
ignorevary: a boolean that when set to true tells the matching operation not to perform vary
header matching — i.e.
... if the url matches you will get a match regardless of the response object having a vary
header or not.
CacheStorage.match() - Web APIs
ignorevary: a boolean that, when set to true, tells the matching operation not to perform vary
header matching.
... in other words, if the url matches you will get a match regardless of whether the response object has a vary
header or not.
console - Web APIs
note: it's important to note that if you're using this to log the timing for network traffic, the timer will report the total time for the transaction, while the time listed in the network panel is just the amount of time required for the
header.
... if you have response body logging enabled, the time listed for the response
header and body combined should match what you see in the console output.
Device Memory API - Web APIs
accessing device memory capacity there are two ways to acces the approximate amount of ram device has: via javascript api and via client hints http
header.
... client hints
header you also may use client hints directive device-memory to retreive the same approximate ram capacity.
Introduction to the DOM - Web APIs
every element in a document—the document as a whole, the head, tables within the document, table
headers, text within the table cells—is part of the document object model for that document, so they can all be accessed and manipulated using the dom and a scripting language like javascript.
...the following very simple web page provides a <script> element in the
header in which you can place functions that test the interface, a few html elements with attributes that you can retrieve, set, or otherwise manipulate, and the web user interface necessary to call those functions from the browser.
Example - Web APIs
<html> <head> <title>my document</title> <script type="text/javascript"> function change() { // document.getelementsbytagname("h1") returns a nodelist of the h1 // elements in the document, and the first is number 0: var
header = document.getelementsbytagname("h1").item(0); // the firstchild of the
header is a text node:
header.firstchild.data = "a dynamic document"; // now the
header is "a dynamic document".
...element = document.createelement("p"); // put the text in the paragraph newelement.appendchild(newtext); // and put the paragraph on the end of the document by appending it to // the body (which is the parent of para) para.parentnode.appendchild(newelement); } </script> </head> <body> <input type="button" value="change this document." onclick="change()"> <h1>
header</h1> <p>paragraph</p> </body> </head> ...
HTMLAnchorElement.referrerPolicy - Web APIs
syntax refstr = anchorelt.referrerpolicy; anchorelt.referrerpolicy = refstr; values "no-referrer" meaning that the referer: http
header will not be sent.
... examples var elt = document.createelement("a"); var linktext = document.createtextnode("my link"); elt.appendchild(linktext); elt.href = "https://developer.mozilla.org/"; elt.referrerpolicy = "no-referrer"; var div = document.getelementbyid("divaround"); div.appendchild(elt); // when clicked, the link will not send a referrer
header.
HTMLAreaElement.referrerPolicy - Web APIs
syntax refstr = areaelt.referrerpolicy; areaelt.referrerpolicy = refstr; values "no-referrer" meaning that the referer: http
header will not be sent.
... examples <img usemap="#maparound" width="100" height="100" src="/img/logo@2x.png" /> <map id="mymap" name="maparound" />> var elt = document.createelement("area"); elt.href = "/img2.png"; elt.shape = "rect"; elt.referrerpolicy = "no-referrer"; elt.coords = "0,0,100,100"; var map = document.getelementbyid("mymap"); map.appendchild(elt); // when clicked, the area's link will not send a referrer
header.
HTMLIFrameElement.referrerPolicy - Web APIs
syntax refstr = iframeelt.referrerpolicy; iframeelt.referrerpolicy = refstr; values no-referrer the referer
header will be omitted entirely.
... strict-origin-when-cross-origin send a full url when performing a same-origin request, only send the origin when the protocol security level stays the same (https→https), and send no
header to a less secure destination (https→http).
HTMLScriptElement.referrerPolicy - Web APIs
syntax refstr = scriptelem.referrerpolicy; scriptelem.referrerpolicy = refstr; value a domstring; one of the following: no-referrer the referer
header will be omitted entirely.
...https→https), and send no
header to a less secure destination (e.g.
LargestContentfulPaint - Web APIs
may not be available if the element is a cross-origin image loaded without the timing-allow-origin
header.
...(note: `rendertime` may not be available on // image elements loaded cross-origin without the `timing-allow-origin`
header.) lcp = lastentry.rendertime || lastentry.loadtime; }); po.observe({type: 'largest-contentful-paint', buffered: true}); // send data to the server.
MediaDevices.getUserMedia() - Web APIs
for example, you may need to use the allow attribute on any <iframe> that uses getusermedia(), and pages that use getusermedia() will eventually need to supply the feature-policy
header.
... for example, this line in the http
headers will enable use of a camera for the document and any embedded <iframe> elements that are loaded from the same origin: feature-policy: camera 'self' this will request access to the microphone for the current origin and the specific origin https://developer.mozilla.org: feature-policy: microphone 'self' https://developer.mozilla.org if you're using getusermedia() within an <iframe>, you can request permission just for that frame, which is clearly more secure than requesting a more general permission.
NavigationPreloadManager - Web APIs
navigationpreloadmanager.set
headervalue() sets the value of the service-worker-navigation-preload
header and returns an empty promise.
... samsung internet android full support 8.0set
headervalue experimentalchrome full support 62edge full support 18firefox no support nonotes no support nonotes notes implementation tracked in bug 1290958ie ?
NavigatorID.userAgent - Web APIs
some firefox extensions do that; however, this only changes the http
header that gets sent, and doesn't affect browser detection performed by javascript code.
... syntax var ua = navigator.useragent; value a domstring specifying the complete user agent string the browser provides both in http
headers and in response to this and other related methods on the navigator object.
ProgressEvent() - Web APIs
when downloading a resource using http, this only represent the part of the content itself, not
headers and other overhead.
...when downloading a resource using http, this only represent the content itself, not
headers and other overhead.
ProgressEvent.initProgressEvent() - Web APIs
when downloading a resource using http, this only represent the part of the content itself, not
headers and other overhead.
...when downloading a resource using http, this only represent the content itself, not
headers and other overhead.
ProgressEvent - Web APIs
when downloading a resource using http, this only represent the part of the content itself, not
headers and other overhead.
...when downloading a resource using http, this only represent the content itself, not
headers and other overhead.
RTCIceCandidatePairStats.bytesReceived - Web APIs
the rtcicecandidatepairstats property bytesreceived indicates the total number of payload bytes—that is, bytes which aren't overhead such as
headers or padding—that hve been received to date on the connection described by the candidate pair.
...only data bytes are counted; overhead such as padding,
headers, and the like are not included in this count.
RTCIceCandidatePairStats.bytesSent - Web APIs
the rtcicecandidatepairstats property bytessent indicates the total number of payload bytes—that is, bytes which aren't overhead such as
headers or padding—that hve been sent so far on the connection described by the candidate pair.
...only data bytes are counted; overhead such as padding,
headers, and the like are not included in this count.
RTCIceCandidatePairStats - Web APIs
bytesreceieved optional the total number of payload bytes received (that is, the total number of bytes received minus any
headers, padding, or other administrative overhead) on this candidate pair so far.
... bytessent optional the total number of payload bytes sent (that is, the total number of bytes sent minus any
headers, padding, or other administrative overhead) so far on this candidate pair.
RTCRtpParameters - Web APIs
headerextensions an array of zero or more rtp
header extensions, each identifying an extension supported by the sender or receiver.
...
header extensions are described in rfc 3550: 5.3.1.
ReadableStream.cancel() - Web APIs
var searchterm = "service workers"; // chars to show either side of the result in the match var contextbefore = 30; var contextafter = 30; var caseinsensitive = true; var url = 'https://html.spec.whatwg.org/'; console.log(`searching '${url}' for '${searchterm}'`); fetch(url).then(response => { console.log('received
headers'); var decoder = new textdecoder(); var reader = response.body.getreader(); var tomatch = caseinsensitive ?
...does the response lack cors
headers?"); throw err; }); specifications specification status comment streamsthe definition of 'cancel()' in that specification.
Request.cache - Web APIs
fetch("some.json", {cache: "reload"}) .then(function(response) { /* consume the response */ }); // download a resource with cache busting when dealing with a // properly configured server that will send the correct etag // and date
headers and properly handle if-modified-since and // if-none-match request
headers, therefore we can rely on the // validation to guarantee a fresh response.
... ({status: 504}) : // workaround for chrome; which simply fails with a typeerror promise.reject(e)) .then(res => { if (res.status === 504) { controller.abort() controller = new abortcontroller(); return fetch("some.json", {cache: "force-cache", mode: "same-origin", signal: controller.signal}) } const date = res.
headers.get("date"), dt = date ?
Request.referrerPolicy - Web APIs
the referrerpolicy read-only property of the request interface returns the referrer policy, which governs what referrer information, sent in the referer
header, should be included with the request.
...for more information and possible values, see the referrer-policy http
header page.
Using the Resource Timing API - Web APIs
the transfersize property returns the size (in octets) of the fetched resource including the response
header fields plus the response payload body.
...this requires the server providing the resource to send the timing-allow-origin http response
header with a value specifying the origin or origins which are allowed to get the restricted timestamp values.
Resource Timing API - Web APIs
this requires the server providing the resource to send the timing-allow-origin http response
header with a value specifying the origin or origins which are allowed to get the restricted timestamp values.
...the transfersize property returns the size (in octets) of the fetched resource including the response
header fields plus the response payload body.
Response - Web APIs
properties response.
headers read only the
headers object associated with the response.
... response.trailers a promise resolving to a
headers object, associated with the response with response.
headers for values of the http trailer
header.
Using the Screen Capture API - Web APIs
this can be done using the feature-policy http
header or—if you're using the screen capture api in an <iframe>, the <iframe> element's allow attribute.
... for example, this line in the http
headers will enable screen capture api for the document and any embedded <iframe> elements that are loaded from the same origin: feature-policy: display-capture 'self' if you're performing screen capture within an <iframe>, you can request permission just for that frame, which is clearly more secure than requesting a more general permission: <iframe src="https://mycode.example.net/etc" allow="display-capture"> </iframe> ...
Using Web Workers - Web APIs
so for example, suppose a document is served with the following
header: content-security-policy: script-src 'self' among other things, this will prevent any scripts it includes from using eval().
... to specify a content security policy for the worker, set a content-security-policy response
header for the request which delivered the worker script itself.
XMLHttpRequest.send() - Web APIs
if no accept
header has been set using the setrequest
header(), an accept
header with the type "*/*" (any type) is sent.
...}; xhr.send(null); // xhr.send('string'); // xhr.send(new blob()); // xhr.send(new int8array()); // xhr.send(document); example: post var xhr = new xmlhttprequest(); xhr.open("post", '/server', true); //send the proper
header information along with the request xhr.setrequest
header("content-type", "application/x-www-form-urlencoded"); xhr.onreadystatechange = function() { // call a function when the state changes.
ARIA: Region role - Accessibility
every element with a region role should include a label that describes the purpose of the content in the region, preferably with an aria-labelledby referencing a visible
header.
... if no visible appropriate
header is present, aria-label should be used..
display - CSS: Cascading Style Sheets
table-
header-group these elements behave like <thead> html elements.
...&& list-item<display-internal> = table-row-group | table-
header-group | table-footer-group | table-row | table-cell | table-column-group | table-column | table-caption | ruby-base | ruby-text | ruby-base-container | ruby-text-container<display-box> = contents | none<display-legacy> = inline-block | inline-list-item | inline-table | inline-flex | inline-grid examples display value comparison in this example we have two block-level container elements, each o...
font-style - CSS: Cascading Style Sheets
html <
header> <input type="range" id="slant" name="slant" min="-90" max="90" /> <label for="slant">slant</label> </
header> <div class="container"> <p class="sample">...it would not be wonderful to meet a megalosaurus, forty feet long or so, waddling like an elephantine lizard up holborn hill.</p> </div> css /* amstelvaralpha-vf is created by david berlow (https://github.com/typenetwork/amstelva...
...s://mdn.mozillademos.org/files/16044/amstelvaralpha-vf.ttf'); font-family:'amstelvaralpha'; font-style: normal; } label { font: 1rem monospace; } .container { max-height: 150px; overflow: scroll; } .sample { font: 2rem 'amstelvaralpha', sans-serif; } html, body { max-height: 100vh; max-width: 100vw; overflow: hidden; } body { display: flex; flex-direction: column; }
header { margin-bottom: 1.5rem; } .container { flex-grow: 1; } .container > p { margin-top: 0; margin-bottom: 0; } javascript let slantlabel = document.queryselector('label[for="slant"]'); let slantinput = document.queryselector('#slant'); let sampletext = document.queryselector('.sample'); function update() { let slant = `oblique ${slantinput.value}deg`; slantlabel.textcontent = `fon...
font-weight - CSS: Cascading Style Sheets
html <
header> <input type="range" id="weight" name="weight" min="1" max="1000" /> <label for="weight">weight</label> </
header> <div class="container"> <p class="sample">...it would not be wonderful to meet a megalosaurus, forty feet long or so, waddling like an elephantine lizard up holborn hill.</p> </div> css /* mutator sans is created by letterror (https://github.com/letterror/mutatorsans) a...
...torsans.ttf'); font-family:'mutatorsans'; font-style: normal; } label { font: 1rem monospace; white-space: nowrap; } .container { max-height: 150px; overflow-y: auto; } .sample { text-transform: uppercase; font: 1.5rem 'mutatorsans', sans-serif; } html, body { max-height: 100vh; max-width: 100vw; overflow: hidden; } body { display: flex; flex-direction: column; }
header { margin-bottom: 1.5rem; } .container { flex-grow: 1; } .container > p { margin-top: 0; margin-bottom: 0; } javascript let weightlabel = document.queryselector('label[for="weight"]'); let weightinput = document.queryselector('#weight'); let sampletext = document.queryselector('.sample'); function update() { weightlabel.textcontent = `font-weight: ${weightinput.value};`; samplet...
revert - CSS: Cascading Style Sheets
revert will revert to bold because this is a default value for
headers in most browsers.
...also note that both the
header and plain text node is black.
HTML attribute: rel - HTML: Hypertext Markup Language
not allowed annotation annotation noreferrer no referer
header will be included.
... noreferrer relevant to <form>, <a>, and <area>, including this value makes the referrer unknown (no referer
header will be included), and opens the creates a top-level browsing context, as if noopener were also set.
<address>: The Contact Address element - HTML: Hypertext Markup Language
<address> can be used in a variety of contexts, such as providing a business's contact information in the page
header, or indicating the author of an article by including an <address> element within the <article>.
... permitted content flow content, but with no nested <address> element, no heading content (<hgroup>, <h1>, <h2>, <h3>, <h4>, <h5>, <h6>), no sectioning content (<article>, <aside>, <section>, <nav>), and no <
header> or <footer> element.
<area> - HTML: Hypertext Markup Language
referrerpolicy a string indicating which referrer to use when fetching the resource: "no-referrer" meaning that the referer:
header will not be sent.
... "no-referrer-when-downgrade" meaning that no referer:
header will be sent when navigating to an origin without tls (https).
<meta>: The Document-level Metadata element - HTML: Hypertext Markup Language
if the http-equiv attribute is set, the meta element is a pragma directive, providing information equivalent to what can be given by a similarly-named http
header.
...the attribute is named http-equiv(alent) because all the allowed values are names of particular http
headers: content-security-policy allows page authors to define a content policy for the current page.
Preloading content with rel="preload" - HTML: Hypertext Markup Language
set the correct accept request
headers for it.
... let's look at an example (see it on github — source code, live example): <head> <meta charset="utf-8"> <title>responsive preload example</title> <link rel="preload" href="bg-image-narrow.png" as="image" media="(max-width: 600px)"> <link rel="preload" href="bg-image-wide.png" as="image" media="(min-width: 601px)"> <link rel="stylesheet" href="main.css"> </head> <body> <
header> <h1>my site</h1> </
header> <script> var mediaquerylist = window.matchmedia("(max-width: 600px)"); var
header = document.queryselector('
header'); if (mediaquerylist.matches) {
header.style.backgroundimage = 'url(bg-image-narrow.png)'; } else {
header.style.backgroundimage = 'url(bg-image-wide.png)'; } </script> </body> we include media attributes on ou...
HTML: Hypertext Markup Language
html markup includes special "elements" such as <head>, <title>, <body>, <
header>, <footer>, <article>, <section>, <p>, <div>, <span>, <img>, <aside>, <audio>, <canvas>, <datalist>, <details>, <embed>, <nav>, <output>, <progress>, <video>, <ul>, <ol>, <li> and many others.
... advanced topics cors enabled image the crossorigin attribute, in combination with an appropriate cors
header, allows images defined by the <img> element to be loaded from foreign origins and used in a <canvas> element as if they were being loaded from the current origin.
CORS errors - HTTP
reason: cors disabled reason: cors request did not succeed reason: cors
header ‘origin’ cannot be added reason: cors request external redirect not allowed reason: cors request not http reason: cors
header ‘access-control-allow-origin’ missing reason: cors
header ‘access-control-allow-origin’ does not match ‘xyz’ reason: credential is not supported if the cors
header ‘access-control-allow-origin’ is ‘*’ reason: did not find method in cors
header...
... ‘access-control-allow-methods’ reason: expected ‘true’ in cors
header ‘access-control-allow-credentials’ reason: cors preflight channel did not succeed reason: invalid token ‘xyz’ in cors
header ‘access-control-allow-methods’ reason: invalid token ‘xyz’ in cors
header ‘access-control-allow-
headers’ reason: missing token ‘xyz’ in cors
header ‘access-control-allow-
headers’ from cors preflight channel reason: multiple cors
header ‘access-control-allow-origin’ not allowed ...
Access-Control-Allow-Methods - HTTP
the access-control-allow-methods response
header specifies the method or methods allowed when accessing the resource in response to a preflight request.
...
header type response
header forbidden
header name no syntax access-control-allow-methods: <method>, <method>, ...
Access-Control-Max-Age - HTTP
the access-control-max-age response
header indicates how long the results of a preflight request (that is the information contained in the access-control-allow-methods and access-control-allow-
headers
headers) can be cached.
...
header type response
header forbidden
header name no syntax access-control-max-age: <delta-seconds> directives <delta-seconds> maximum number of seconds the results can be cached.
Authorization - HTTP
the http authorization request
header contains the credentials to authenticate a user agent with a server, usually, but not necessarily, after the server has responded with a 401 unauthorized status and the www-authenticate
header.
...
header type request
header forbidden
header name no syntax authorization: <type> <credentials> directives <type> authentication type.
Content-Length - HTTP
the content-length entity
header indicates the size of the entity-body, in bytes, sent to the recipient.
...
header type entity
header forbidden
header name yes syntax content-length: <length> directives <length> the length in decimal number of octets.
Content-Range - HTTP
the content-range response http
header indicates where in a full body message a partial message belongs.
...
header type response
header forbidden
header name no cors-safelisted response-
header no syntax content-range: <unit> <range-start>-<range-end>/<size> content-range: <unit> <range-start>-<range-end>/* content-range: <unit> */<size> directives <unit> the unit in which ranges are specified.
Cookie2 - HTTP
the obsolete cookie2 http request
header used to advise the server that the user agent understands "new-style" cookies, but nowadays user agents will use the cookie
header instead, not this one.
...
header type request
header forbidden
header name yes examples cookie2: $version="1" specifications specification title rfc 2965: cookie2 historic specification of http state management mechanism, obsoleted by rfc 6265 ...
Date - HTTP
the date general http
header contains the date and time at which the message was originated.
... note that date is listed in the forbidden
header names in the fetch spec - so this code will not send date
header: fetch('https://httpbin.org/get', { '
headers': { 'date': (new date()).toutcstring() } })
header type general
header forbidden
header name yes syntax date: <day-name>, <day> <month> <year> <hour>:<minute>:<second> gmt directives <day-name> one of "mon", "tue", "wed", "thu", "fri", "sat", or "sun" (case-sensitive).
NEL - HTTP
the http nel response
header is used to configure network request logging.
...
header type response
header forbidden
header name no syntax nel: { "report_to": "name_of_reporting_group", "max_age": 12345, "include_subdomains": false, "success_fraction": 0.0, "failure_fraction": 1.0 } specifications specification network error logging ...
Proxy-Authorization - HTTP
the http proxy-authorization request
header contains the credentials to authenticate a user agent to a proxy server, usually after the server has responded with a 407 proxy authentication required status and the proxy-authenticate
header.
...
header type request
header forbidden
header name no syntax proxy-authorization: <type> <credentials> directives <type> authentication type.
Save-Data - HTTP
the save-data
header field is a boolean which, in requests, indicates the client's preference for reduced data usage.
... examples the vary
header ensures that the content is cached properly (for instance ensuring that the user is not served a lower-quality image from the cache when save-data
header is no longer present [e.g.
Sec-Fetch-Mode - HTTP
the sec-fetch-mode fetch metadata
header indicates the request's mode.
...
header type fetch metadata request
header forbidden
header name yes, since it has prefix sec- cors-safelisted request
header syntax sec-fetch-mode: cors sec-fetch-mode: navigate sec-fetch-mode: nested-navigate sec-fetch-mode: no-cors sec-fetch-mode: same-origin sec-fetch-mode: websocket values cors navigate nested-navigate no-cors same-origin websocket examples todo specifications specification title fetch metadata request
headers the sec-fetch-mode http request
header ...
Server - HTTP
the server
header describes the software used by the origin server that handled the request — that is, the server that generated the response.
...
header type response
header forbidden
header name no syntax server: <product> directives <product> the name of the software or product that handled the request.
Set-Cookie2 - HTTP
the obsolete set-cookie2 http response
header used to send cookies from the server to the user agent, but has been deprecated by the specification.
...
header type response
header forbidden
header name no syntax set-cookie2: <cookie-name>=<cookie-value> set-cookie2: <cookie-name>=<cookie-value>; comment=<value> set-cookie2: <cookie-name>=<cookie-value>; commenturl=<http-url> set-cookie2: <cookie-name>=<cookie-value>; discard set-cookie2: <cookie-name>=<cookie-value>; domain=<domain-value> set-cookie2: <cookie-name>=<cookie-value>; max-age=<non-zero-digit> set-cookie2: <cookie-name>=<cookie-value>; path=<path-value> set-cookie2: <cookie-name>=<cookie-value>; port=<port-number> set-cookie2: <cookie-name>=<cookie-value>; secure set-cookie2: <cookie-name>=<cookie-value>; version=<version-number> // multiple directives are also possible, for example: set-cookie2: <cookie-name>=<cookie-value>...
SourceMap - HTTP
the sourcemap http response
header links generated code to a source map, enabling the browser to reconstruct the original source and present the reconstructed original in the debugger.
...
header type response
header forbidden
header name no syntax sourcemap: <url> x-sourcemap: <url> (deprecated) directives <url> a relative (to the request url) or absolute url pointing to a source map file.
Timing-Allow-Origin - HTTP
the timing-allow-origin response
header specifies origins that are allowed to see values of attributes retrieved via features of the resource timing api, which would otherwise be reported as zero due to cross-origin restrictions.
...
header type response
header forbidden
header name no syntax timing-allow-origin: * timing-allow-origin: <origin>[, <origin>]* directives * the server may specify "*" as a wildcard, thereby allowing any origin to see timing resources.
User-Agent - HTTP
the user-agent request
header is a characteristic string that lets servers and network peers identify the application, operating system, vendor, and/or version of the requesting user agent.
...
header type request
header forbidden
header name no syntax user-agent: <product> / <product-version> <comment> common format for web browsers: user-agent: mozilla/5.0 (<system-information>) <platform> (<platform-details>) <extensions> directives <product> a product identifier — its name or development codename.
Via - HTTP
the via general
header is added by proxies, both forward and reverse proxies, and can appear in the request
headers and the response
headers.
...
header type general
header forbidden
header name yes syntax via: [ <protocol-name> "/" ] <protocol-version> <host> [ ":" <port> ] or via: [ <protocol-name> "/" ] <protocol-version> <pseudonym> directives <protocol-name> optional.
PATCH - HTTP
to find out whether a server supports patch, a server can advertise its support by adding it to the list in the allow or access-control-allow-methods (for cors) response
headers.
... another (implicit) indication that patch is allowed, is the presence of the accept-patch
header, which specifies the patch document formats accepted by the server.
POST - HTTP
the type of the body of the request is indicated by the content-type
header.
...the keys are given in the content-disposition
header of each part.
101 Switching Protocols - HTTP
the http 101 switching protocols response code indicates the protocol the server is switching to as requested by a client which sent the message including the upgrade request
header.
... the server includes in this response an upgrade response
header to indicate the protocol it switched to.
304 Not Modified - HTTP
this happens when the request method is safe, like a get or a head request, or when the request is conditional and uses a if-none-match or a if-modified-since
header.
... the equivalent 200 ok response would have included the
headers cache-control, content-location, date, etag, expires, and vary.
411 Length Required - HTTP
the hypertext transfer protocol (http) 411 length required client error response code indicates that the server refuses to accept the request without a defined content-length
header.
... note: by specification, when sending data in a series of chunks, the content-length
header is omitted and at the beginning of each chunk you need to add the length of the current chunk in hexadecimal format.
417 Expectation Failed - HTTP
the http 417 expectation failed client error response code indicates that the expectation given in the request's expect
header could not be met.
... see the expect
header for more details.
428 Precondition Required - HTTP
typically, this means that a required precondition
header, such as if-match, is missing.
... when a precondition
header is not matching the server side state, the response should be 412 precondition failed.
501 Not Implemented - HTTP
this status can also send a retry-after
header, telling the requester when to check back to see if the functionality is supported by then.
... a 501 response is cacheable by default; that is, unless caching
headers instruct otherwise.
503 Service Unavailable - HTTP
this response should be used for temporary conditions and the retry-after http
header should, if possible, contain the estimated time for the recovery of the service.
... caching-related
headers that are sent along with this response should be taken care of, as a 503 status is often a temporary condition and responses shouldn't usually be cached.
Warning: -file- is being assigned a //# sourceMappingURL, but already has one - JavaScript
there are two ways to assign a source map, either by using a comment or by setting a
header to the javascript file.
... examples setting source maps setting a source map by using a comment in the file: //# sourcemappingurl=http://example.com/path/to/your/sourcemap.map or, alternatively, you can set a
header to your javascript file: x-sourcemap: /path/to/file.js.map ...
Progressive web app structure - Progressive web apps (PWAs)
="theme-color" content="#b12a34"> <meta name="viewport" content="width=device-width, initial-scale=1"> <meta property="og:image" content="icons/icon-512.png"> <link rel="shortcut icon" href="favicon.ico"> <link rel="stylesheet" href="style.css"> <link rel="manifest" href="js13kpwa.webmanifest"> <script src="data/games.js" defer></script> <script src="app.js" defer></script> </head> <body> <
header> <p><a class="logo" href="http://js13kgames.com"><img src="img/js13kgames.png" alt="js13kgames"></a></p> </
header> <main> <h1>js13kgames a-frame entries</h1> <p class="description">list of games submitted to the <a href="http://js13kgames.com/aframe">a-frame category</a> in the <a href="http://2017.js13kgames.com">js13kgames 2017</a> competition.
...the <body> is split into the <
header> (containing linked image), <main> page (with title, description and place for a content), and <footer> (copy and links).
How to make PWAs re-engageable using Notifications and Push - Progressive web apps (PWAs)
fetch('./register', { method: 'post',
headers: { 'content-type': 'application/json' }, body: json.stringify({ subscription: subscription }), }); then the globaleventhandlers.onclick function on the subscribe button is defined: document.getelementbyid('doit').onclick = function() { const payload = document.getelementbyid('notification-payload').value; const delay = document.getelementbyid('notification-d...
...elay').value; const ttl = document.getelementbyid('notification-ttl').value; fetch('./sendnotification', { method: 'post',
headers: { 'content-type': 'application/json' }, body: json.stringify({ subscription: subscription, payload: payload, delay: delay, ttl: ttl, }), }); }; when the button is clicked, fetch asks the server to send the notification with the given parameters: payload is the text that to be shown in the notification, delay defines a delay in seconds until the notification will be shown, and ttl is the time-to-live setting that keeps the notification available on the server for a specified amount of time, also defined in seconds.
Media - Progressive web apps (PWAs)
for example, the mozilla browser supplies default margins,
headers, and footers for printing.
...the stylesheet places each section on a separate page, and it adds a
header and footer to each page.
Responsive Navigation Patterns - Progressive web apps (PWAs)
pros: one button in
header maximizes space for content on a small screen important items stay visiblein most screen sizes and you decide the item priorities legibility of navigation items is maintained with adequate spacing, by automatically hiding items that don't fit cons: navigation items might be less discoverable because some items are hidden in the drop-down or toggle menu users may not notice the button...
... pros: potentially displays more navigation items in a left navigation compared to a top navigation most items are always visible except in the smallest screen size one button in
header maximizes space for content on a small screen cons: navigation items might be less discoverable because some items are hidden in the drop-down or toggle menu users may not notice the button contains a navigation menu in the smallest screen size one more step is needed to access the navigation items that are hidden ...
The building blocks of responsive design - Progressive web apps (PWAs)
let's look at a quick example:
header { height: 300px; width: 100%; background: url(images/small-
header.jpg) center; } @media all and (min-width: 480px) {
header { background: url(images/large-
header.jpg) center; } } this means that mobile browsers only download the mobile background image asset — not the desktop mobile assets — because they fail the media query tests and therefore ignore the media queries.
... you can also serve a larger graphic to a higher resolution device using a resolution media query, like so: button { background: url(images/low-res-
header.jpg) 1rem center ; } @media only screen and (-webkit-min-device-pixel-ratio: 2), only screen and ( min-resolution: 192dpi), only screen and ( min-resolution: 2dppx) { button { background: url(images/high-res-
header.jpg) 1rem center ; } } this looks rather complicated, but really it's not — we are providing a number of media query options, as at this time different browsers support different resolution media query types and even units.
Structural overview of progressive web apps - Progressive web apps (PWAs)
="theme-color" content="#b12a34"> <meta name="viewport" content="width=device-width, initial-scale=1"> <meta property="og:image" content="icons/icon-512.png"> <link rel="shortcut icon" href="favicon.ico"> <link rel="stylesheet" href="style.css"> <link rel="manifest" href="js13kpwa.webmanifest"> <script src="data/games.js" defer></script> <script src="app.js" defer></script> </head> <body> <
header> <p><a class="logo" href="http://js13kgames.com"><img src="img/js13kgames.png" alt="js13kgames"></a></p> </
header> <main> <h1>js13kgames a-frame entries</h1> <p class="description">list of games submitted to the <a href="http://js13kgames.com/aframe"> a-frame category</a> in the <a href="http://2017.js13kgames.com">js13kgames 2017</a> competition.
...the <body> is split into the <
header> (which displays an image) and the body of the app, which is found inside a <main> element.
mimeTypes.rdf corruption - SVG: Scalable Vector Graphics
for files loaded over the network via http, it requires and uses the value assigned to the content-type http
header.
...actually, in mozilla firefox 1.5, the media type for files embedded into html using the html <embed> and <object> tags is (unfortunately) obtained in the same way as it's obtained for local files instead of using the http
headers as it should.
Securing your site - Web security
http strict transport security the strict-transport-security: http
header lets a website specify that it may only be accessed using https.
... the x-frame-options response
header the x-frame-options: http response
header can be used to indicate whether or not a browser should be allowed to render a page in a <frame>.
tabs - Archive of obsolete content
this may come from http
headers or other sources of mime information, and might be affected by automatic type conversions performed by either the browser or extensions.
system/events - Archive of obsolete content
var events = require("sdk/system/events"); var { ci } = require("chrome"); function listener(event) { var channel = event.subject.queryinterface(ci.nsihttpchannel); channel.setrequest
header("user-agent", "mybrowser/1.0", false); } events.on("http-on-modify-request", listener); globals functions emit(type, event) send an event to observer service parameters type : string the event type.
Post data to window - Archive of obsolete content
createinstance(ci.nsimimeinputstream); postdata.add
header("content-type", "application/x-www-form-urlencoded"); postdata.addcontentlength = true; postdata.setdata(stringstream); // postdata is ready to be used as apostdata argument ...
CSS3 - Archive of obsolete content
filter effects module level 1 working draft css generated content for paged media module working draft adds the ability to tailor printed version of a document by allowing to control
header, footer but also references tables like indexes or tables of content.
Index of archived content - Archive of obsolete content
syncing the cvs repository running windows debug builds downloaded from tinderbox sxsw 2007 presentations safe browsing safe browsing: design documentation safely loading uris same origin policy for xbl space manager detailed design space manager high level design standalone xpcom standard makefile
header static analysis for windows code under linux stress testing string quick reference string rosetta stone structure of an installable bundle supporting per-window private browsing supporting private browsing mode table cellmap table cellmap - border collapse table layout regression tests ta...
Creating a hybrid CD - Archive of obsolete content
raw 'sitx' 'zip ' "gzip file" .tgz raw 'sitx' 'zip ' "tar.gz gzip file" .tar raw 'sitx' 'tarf' "tar file" .tif raw '8bim' 'tiff' "photoshop tiff image" .doc raw 'mswd' 'wdbn' "word file" .mov raw 'tvod' 'moov' "quicktime movie" .bin raw 'sitx' 'bina' "mac binary" .h ascii 'cwie' 'text' "c/c++
header file" .c ascii 'cwie' 'text' "c source file" .cp ascii 'cwie' 'text' "c++ source file" .cpp ascii 'cwie' 'text' "c++ source file" .exp ascii 'cwie' 'text' "symbol export file" .mcp raw 'cwie' 'mmpr' "codewarrior project file" .r ascii 'mps ' 'text' "rez file" .html ascii 'moss' 'text' "html file" .htm ascii '...
In-Depth - Archive of obsolete content
button, checkbox-container, checkbox, dialog, dualbutton, dualbutton-dropdown, listbox, menu, menulist-textfield, menulist-button, menulist, menulist-text, progressbar, progresschunk, radio-container, radio, resizer, resizerpanel, separator, scrollbar, statusbar, statusbarpanel, toolbarbutton, toolbox, toolbar, tree
headercell, tree
headersortarrow, treeview, treeitem, treetwisty, treetwistyopen, tooltip, textfield, tabpanels, tab, tab-left-edge, tab-right-edge, scrollbartrack-horizontal, scrollbartrack-vertical, scrollbarthumb-vertical, scrollbarthumb-horizontal, scrollbarbutton-right, scrollbarbutton-down, scrollbarbutton-left, scrollbarbutton-up, scrollbargripper-vertical, scrollbargripper-horizontal -moz-border-...
Code snippets - Archive of obsolete content
mainwindow.gbrowser.addtab(url); } } partially corrupt a server components.utils.import("resource://services-sync/main.js"); components.utils.import("resource://services-sync/resource.js"); function deletepath(path) { let resource = new resource(weave.service.storageurl + path); resource.set
header("x-confirm-delete", "1"); return resource.delete(); } // delete meta/global: deletepath("meta/global"); // delete keys: deletepath("crypto/keys"); // delete server: deletepath(""); corrupt a single engine on the server let engine = "bookmarks"; components.utils.import("resource://services-sync/main.js"); components.utils.import("resource://services-sync/resource.js"); components.utils.impor...
HTTP Class Overview - Archive of obsolete content
treamprovider talks to the socket transport service feeds data to its transaction object routes progress notifications nshttpconnectioninfo identifies a connection nshttptransaction implements nsirequest encapsulates a http request and response parses incoming data nshttpchunkeddecoder owned by a transaction strips chunked transfer encoding nshttprequesthead owns a nshttp
headerarray knows how to fill a request buffer nshttpresponsehead owns a nshttp
headerarray knows how to parse response lines performs common
header manipulations/calculations nshttp
headerarray stores http "<
header>:<value>" pairs nshttpauthcache stores authentication credentials for http auth domains nshttpbasicauth implements nsihttpauthenticator generates basic auth credentials...
Theme changes in Firefox 2 - Archive of obsolete content
#application #feedbody #feedchangesubscribeoptions #feederror #feed
header #feed
header[firstrun="true"] #feed
header[firstrun="true"] #feedintrotext #feed
header[firstrun="true"] #feedsubscribeline #feedintrotext #feedsubscribedonechangingoptions #feedsubscribehandletext #feedsubscribehandler #feedsubscribeline #feedsubscribeoptions #feedsubscribeoptionsgroup #feedsubscribeoptionsgrouptitle #feedtitlecontainer #feedtitleimage #feedtitlelink #readercontainer...
Obsolete: XPCOM-based scripting for NPAPI plugins - Archive of obsolete content
the following html code will do the job:</p> this should be changed, we shouldn't advocate embed <embed type="application/plugin-mimetype"> <script language="javascript"> var embed = document.embeds[0]; embed.nativemethod(); </script> how to build and install having the built mozilla tree is probably not necessary, but building the plugin with a scriptable instance interface will require mozilla
headers and the xpcom compatible idl compiler -- xpidl.exe.
Create the Canvas and draw on it - Game development
<meta charset="utf-8" /> <title>gamedev canvas workshop</title> <style> * { padding: 0; margin: 0; } canvas { background: #eee; display: block; margin: 0 auto; } </style> </head> <body> <canvas id="mycanvas" width="480" height="320"></canvas> <script> // javascript code goes here </script> </body> </html> we have a charset defined, <title> and some basic css in the
header.
Visual-js game engine - Game development
2) you are free to use any version of visual js library in any other project (even commercial projects) as long as the copyright
header is left intact except for plugins on sale and graphics that come with them (they have special commercial licence).
Gecko FAQ - Gecko Redirect 1
by the end of calendar year 2000, gecko is expected to support the following recommended open internet standards fully except for the areas noted below and open bugs documented in bugzilla: html 4.0 - full support except for: elements: bdo, basefont attributes: shape attribute on the a element, abbr, axis,
headers, scope-row, scope-col, scope-rowgroup, scope-colgroup, charoff, datasrc, datafld, dataformat, datapagesize, summary, event, dir, align on table columns, label attribute of option, alternate text of area elements, longdesc various metadata attributes: cite, datetime, lang, hreflang bidirectional text layout, which is only used in hebrew and arabic (ibm has begun work to add bidi support in ...
Breadcrumb - MDN Web Docs Glossary: Definitions of Web-related terms
a breadcrumb, or breadcrumb trail, is a navigational aid that is typically placed between a site's
header and the main content, displaying either a hierarchy of the current page in relation to the the site's structure, from top level to current page, or a list of the links the user followed to get to the current page, in the order visited.
MitM - MDN Web Docs Glossary: Definitions of Web-related terms
learn more owasp article: man-in-the-middle attack wikipedia: man-in-the-middle attack the public-key-pins
header (hpkp) can significantly decrease the risk of mitm by instructing browsers to require a whitelisted certificate for all subsequent connections to that website.
HTTP delegation
to learn about all the details, please read the documentation contained in the nss c
header files.
HTTP delegation
to learn about all the details, please read the documentation contained in the nss c
header files.
4.3.1 Release Notes
to obtain the version info from the jar file use, "system.out.println(org.mozilla.jss.cryptomanager.jar_jss_version)" and to check the shared library: strings libjss4.so | grep -i
header feedback bugs discovered should be reported by filing a bug report with bugzilla.
4.3 Release Notes
to obtain the version info from the jar file use, "system.out.println(org.mozilla.jss.cryptomanager.jar_jss_version)" and to check the shared library: strings libjss4.so | grep -i
header feedback bugs discovered should be reported by filing a bug report with bugzilla.
NSS_3.11.10_release_notes.html
the tar.gz or zip file expands to an nss-3.11.10 directory containing three subdirectories: include - nss
header files lib - nss shared libraries bin - nss tools and test programs you also need to download the nspr 4.7.1 binary distributions to get the nspr 4.7.1
header files and shared libraries, which nss 3.11.10 requires.
NSS 3.12.9 release notes
you also need to download the nspr 4.8.7 binary distributions to get the nspr 4.8.7
header files and shared libraries, which nss 3.12.9 requires.
NSS 3.16.3 release notes
this function was already added in nss 3.16.2, however, it wasn't declared in a public
header file.
NSS 3.20 release notes
please refer to the comments in the
header file that declares the ssl_enableweakdheprimegroup api for additional details.
NSS Sample Code Sample_1_Hashing
sample code 1 /* nspr
headers */ #include <prprf.h> #include <prtypes.h> #include <plgetopt.h> #include <prio.h> /* nss
headers */ #include <secoid.h> #include <secmodt.h> #include <sechash.h> typedef struct { const char *hashname; secoidtag oid; } nametagpair; /* the hash algorithms supported */ static const nametagpair hash_names[] = { { "md2", sec_oid_md2 }, { "md5", sec_oid_md5 }, { "sha1", sec_oid_sha1 }, { "sha256", sec_oid_sha256 }, { "sha384", sec_oid_sha384 }, { "sha512", sec_oid_sha512 } }; /* * maps a hash name to a secoidtag.
NSS Sample Code Sample_2_Initialization of NSS
sample code 1 /* nspr
headers */ #include <prthread.h> #include <plgetopt.h> #include <prprf.h> /* nss
headers */ #include <nss.h> #include <pk11func.h> #include "util.h" /* print a usage message and exit */ static void usage(const char *progname) { fprintf(stderr, "\nusage: %s -d <dbdirpath> [-p <plainpasswc>]" " [-f <passwdffile>]\n\n", progname); fprintf(stderr, "%-15s specify a db directory path\n\n", "-d <dbdirpath>"); fprintf(stderr, "%-15s specify a plaintext password\n\n", "-p <plainpasswc>"); fprintf(stderr, "%-15s specify a password file\n\n"...
Hashing - sample 1
*/ /* nspr
headers */ #include <prprf.h> #include <prtypes.h> #include <plgetopt.h> #include <prio.h> /* nss
headers */ #include <secoid.h> #include <secmodt.h> #include <sechash.h> #include <nss.h> typedef struct { const char *hashname; secoidtag oid; } nametagpair; /* the hash algorithms supported */ static const nametagpair hash_names[] = { { "md2", sec_oid_md2 }, { "md5", sec_oid_md5 }, { "sha1", sec_oid_sh...
sample1
/* nspr
headers */ #include <prprf.h> #include <prtypes.h> #include <plgetopt.h> #include <prio.h> #include <prprf.h> /* nss
headers */ #include <secoid.h> #include <secmodt.h> #include <sechash.h> typedef struct { const char *hashname; secoidtag oid; } nametagpair; /* the hash algorithms supported */ static const nametagpair hash_names[] = { { "md2", sec_oid_md2 }, { "md5", sec_oid_md5 }, { "sha1", sec_oid_sha1 }, { "sha256", sec_oid_sha256 }, { "sha384", sec_oid_sha384 }, { "sha512", sec_oid_sha512 } }; /* maps a hash name to a secoidtag.
NSS sources building testing
exported
header files for nss applications can be found in directory "include", library files in directory "lib", and the tools in directory "bin".
XPCOM Interface Reference by grouping
memory nsimemory network channel nsichannel nsichanneleventsink nsirequest nsirequestobserver nsiresumablechannel nsidnsservice nsiftpchannel nsiftpeventsink nsihttpchannel nsihttpchannelinternal nsihttp
headervisitor nsiidnservice nsiprotocolhandler nsiprotocolproxycallback nsiprotocolproxyfilter nsiprotocolproxyservice nsiproxyinfo preferences nsiiniparser nsiiniparserfactory nsiprefbranch nsiprefbranch2 nsipreflocalizedstring nsiprefservice nsistringbundle nsistringbundl...
Xptcall Porting Guide
the tree mozilla/xpcom/reflect/xptcall +--public // exported
headers +--src // core source | \--md // platform specific parts | +--mac // mac ppc | +--unix // all unix | \--win32 // win32 | +--test // simple tests to get started \--tests // full tests via api porters are free to create subdirectories under the base md directory for their given platforms and to integrate into the build system as appropriate for their platfor...
XPIDL Syntax
the following is a list of potential features which are parseable but may not result in expected code: struct, union, and enumerated types array declarators (appears to be supported in xpidl_
header.c but not xpidl_typelib.c) exception declarations module declarations variable arguments (that makes the abnf get more wonky) sequence types max-length strings fixed-point numbers "any" and "long double" types.
DB Views (message lists)
these are the main view classes: nsmsgthreadeddbview - (implementation) nsmsgsearchdbview - (implementation) nsmsgquicksearchdbview - (implementation) nsmsgxfvirtualfolderdbview - (implementation) nsmsggroupview - (implementation) usually, a view object has parallel arrays, which map directly to lines in the message list: m_keys message
header key m_flags 32 bits, combination of message
header flags and view-only flags (e.g., collapsed) m_level the indentation level when in threaded mode.
Spam filtering
to analyze a message for spam, we need the entire message, not just the
headers.
Create Custom Column
the customdb
headers preference article provides information on a preference setting that exposes custom
header data for use in a custom column within thunderbird's main view.
Folders and message lists
if a collapsed thread is in there and working with collapsed threads is enabled, this will include the
headers for the messages in that collapsed thread.
Using the Multiple Accounts API
(replyto:
header in mail messages) preference: mail.identity.identity.organization - user's organization (organization:
header in mail messages) preference: mail.identity.identity.compose_html - boolean, should we compose messages in html (true) or plain text (false)?
Using js-ctypes
rtlevel = 3; // declare functions /* https://developer.apple.com/library/mac/documentation/corefoundation/reference/cfusernotificationref/index.html#//apple_ref/c/func/cfusernotificationdisplaynotice * sint32 cfusernotificationdisplaynotice ( * cftimeinterval timeout, * cfoptionflags flags, * cfurlref iconurl, * cfurlref soundurl, * cfurlref localizationurl, * cfstringref alert
header, * cfstringref alertmessage, * cfstringref defaultbuttontitle * ); */ var cfusernotificationdisplaynotice = libcf.declare("cfusernotificationdisplaynotice", ctypes.default_abi, sint32, // return cftimeinterval, // timeout cfoptionflags, // flags cfurlref, // iconurl cfurlref, // soundurl cfurlref, // localizationurl cfstringref, // alert
header cfstringref, // alertmes...
Constants - Plugins
npvers_has_response_
headers 17 npstreams have response
headers for http streams.
Set an XHR breakpoint - Firefox Developer Tools
to turn on the feature: open the debugger click on "pause on any url" which acts as a wild card, causing the code to pause on any call, or, click the plus sign next to the xhr breakpoints
header, enter the url in which you are interested, and press enter.
Debugger.Source - Firefox Developer Tools
(on the web, the translator may provide the source map url in a specially formatted comment in the javascript source code, or via a
header in the http reply that carried the generated javascript.) this property is writable, so you can change the source map url by setting it.
Using the article role - Accessibility
examples <article role="article"> <
header> <h2>blog post</h2> </
header> <section class="content"> <p>a very interesting post</p> </section> <section class="comments"> <div class="comment" role="article"> <p>meaningful comment</p> </div> <div class="comment" role="article"> <p>positive comment</p> </div> </section> </article> notes aria attributes used related aria techniques aria techni...
Using the group role - Accessibility
<div id="tree1" role="tree" tabindex="-1"> <div id="animals" class="group
header" role="presentation" aria-owns="animalgroup" aria-expanded="true"> <img role="presentation" tabindex="-1" src="images/treeexpanded.gif" /> <span role="treeitem" tabindex="0">animals</span> </div> <div id="animalgroup" role="group"> <div id="birds" role="treeitem"> <span tabindex="-1">birds</span> </div> <div id="cats" class="group
header" role="presentation" aria-owns...
Using the presentation role - Accessibility
for example, a table used for layout purposes could have the presentation role applied to the table element to remove any semantic meaning from the table element and any of its table related children elements, such as table
headers and table data elements.
Using ARIA: Roles, states, and properties - Accessibility
combobox grid (including row, gridcell, row
header, column
header roles) listbox (including option role) menu menubar radiogroup (see radio role) tablist (including tab and tabpanel roles) tree treegrid document structure roles application article cell column
header definition directory document feed figure group heading img list listitem math none note presentation row rowgroup row
header separator table term t...
ARIA: Main role - Accessibility
<body> <a href="#main-content">skip to main content</a> <!-- navigation and
header content --> <div id="main-content" role="main"> <!-- main page content --> </div> </body> webaim: "skip navigation" links added benefits certain technologies such as browser extensions can generate lists of all landmark roles present on a page, allowing non-screen reader users to also quickly identify and navigate to large sections of the document.
ARIA - Accessibility
the new landmark elements (<main>, <
header>, <nav> etc) have built-in aria roles, so there is no need to duplicate them.
HTML To MSAA - Accessibility
ox open state_system_ collapsed if combobox is collapsed state_system_ haspopup state_system_ focusable n/a "open"/"close" depending on state event_object_ valuechange when selected option is changed table role_system_ table from @summary attribute n/a described_by (0x100e) points to caption element n/a n/a td, th role_system_ cell n/a n/a n/a n/a n/a n/a thead role_system_ column
header n/a n/a n/a n/a n/a n/a abbr, acronym, blockquote, form, frame, h1-h6, iframe bstr role n/a n/a n/a n/a n/a n/a ...
Implementing a Microsoft Active Accessibility (MSAA) Server - Accessibility
le_client [important] role_menupopup [important] role_menuitem [important] role_tooltip role_application role_document role_pane [important] role_chart role_dialog [semi-important, not currently used by all at's] role_border role_grouping role_separator [important] role_toolbar role_statusbar [important] role_table [important] role_column
header role_row
header role_column role_row role_cell [important] role_link [important] role_helpballoon role_character role_list [important] role_listitem [important] role_outline [important] role_outlineitem [important] role_pagetab [important] role_propertypage [important] role_indicator role_graphic [important] role_statictext [important]...
:host() - CSS: Cascading Style Sheets
t span = document.createelement('span'); span.textcontent = this.textcontent; const shadowroot = this.attachshadow({mode: 'open'}); shadowroot.appendchild(style); shadowroot.appendchild(span); style.textcontent = 'span:hover { text-decoration: underline; }' + ':host-context(h1) { font-style: italic; }' + ':host-context(h1):after { content: " - no links in
headers!" }' + ':host-context(article, aside) { color: gray; }' + ':host(.footer) { color : red; }' + ':host { background: rgba(0,0,0,0.1); padding: 2px 5px; }'; the :host(.footer) { color : red; } rule styles all instances of the <context-span> element (the shadow host in this instance) in the document that have the footer class set on them �...
:host-context() - CSS: Cascading Style Sheets
t span = document.createelement('span'); span.textcontent = this.textcontent; const shadowroot = this.attachshadow({mode: 'open'}); shadowroot.appendchild(style); shadowroot.appendchild(span); style.textcontent = 'span:hover { text-decoration: underline; }' + ':host-context(h1) { font-style: italic; }' + ':host-context(h1):after { content: " - no links in
headers!" }' + ':host-context(article, aside) { color: gray; }' + ':host(.footer) { color : red; }' + ':host { background: rgba(0,0,0,0.1); padding: 2px 5px; }'; the :host-context(h1) { font-style: italic; } and :host-context(h1):after { content: " - no links in
headers!" } rules style the instance of the <context-span> element (the shadow hos...
:host - CSS: Cascading Style Sheets
t span = document.createelement('span'); span.textcontent = this.textcontent; const shadowroot = this.attachshadow({mode: 'open'}); shadowroot.appendchild(style); shadowroot.appendchild(span); style.textcontent = 'span:hover { text-decoration: underline; }' + ':host-context(h1) { font-style: italic; }' + ':host-context(h1):after { content: " - no links in
headers!" }' + ':host-context(article, aside) { color: gray; }' + ':host(.footer) { color : red; }' + ':host { background: rgba(0,0,0,0.1); padding: 2px 5px; }'; the :host { background: rgba(0,0,0,0.1); padding: 2px 5px; } rule styles all instances of the <context-span> element (the shadow host in this instance) in the document.
:lang() - CSS: Cascading Style Sheets
/* selects any <p> in english (en) */ p:lang(en) { quotes: '\201c' '\201d' '\2018' '\2019'; } note: in html, the language is determined by a combination of the lang attribute, the <meta> element, and possibly by information from the protocol (such as http
headers).
Shapes From Images - CSS: Cascading Style Sheets
an image hosted on the same domain as your site should work, however if your images are hosted on a different domain such as on a cdn you should ensure that they are sending the correct
headers to enable them to be used for shapes.
Sticky footers - CSS: Cascading Style Sheets
grid auto-placement will place our items in source order and so the
header goes into the first auto sized track, the main content into the 1fr track and the footer into the final auto sized track.
Mozilla CSS extensions - CSS: Cascading Style Sheets
t scrollbarbutton-up scrollbar-small scrollbarthumb-horizontal scrollbarthumb-vertical scrollbartrack-horizontal scrollbartrack-vertical separator spinner spinner-downbutton spinner-textfield spinner-upbutton statusbar statusbarpanel tab tabpanels tab-scroll-arrow-back tab-scroll-arrow-forward textfield textfield-multiline toolbar toolbarbutton-dropdown toolbox tooltip tree
headercell tree
headersortarrow treeitem treetwisty treetwistyopen treeview window background-image gradients -moz-linear-gradient -moz-radial-gradient elements -moz-element sub-images -moz-image-rect() border-color -moz-use-text-colorobsolete since gecko 52 (removed in bug 1306214); use currentcolor instead.
float - CSS: Cascading Style Sheets
s the computed value of the display values, in some cases: specified value computed value inline block inline-block block inline-table table table-row block table-row-group block table-column block table-column-group block table-cell block table-caption block table-
header-group block table-footer-group block inline-flex flex inline-grid grid other unchanged note: if you're referring to this property from javascript as a member of the htmlelement.style object, modern browsers support float, but in older browsers you have to spell it as cssfloat, with internet explorer versions 8 and older using stylefloat.
grid-template-areas - CSS: Cascading Style Sheets
formal definition initial valuenoneapplies togrid containersinheritednocomputed valueas specifiedanimation typediscrete formal syntax none | <string>+ examples specifying named grid areas html <section id="page"> <
header>
header</
header> <nav>navigation</nav> <main>main area</main> <footer>footer</footer> </section> css #page { display: grid; width: 100%; height: 250px; grid-template-areas: "head head" "nav main" "nav foot"; grid-template-rows: 50px 1fr 30px; grid-template-columns: 150px 1fr; } #page >
header { grid-area: head; background-col...
inherit - CSS: Cascading Style Sheets
examples exclude selected elements from a rule /* make second-level
headers green */ h2 { color: green; } /* ...but leave those in the sidebar alone so they use their parent's color */ #sidebar h2 { color: inherit; } in this example the h2 elements inside the sidebar might be different colors.
order - CSS: Cascading Style Sheets
html <
header>...</
header> <main> <article>article</article> <nav>nav</nav> <aside>aside</aside> </main> <footer>...</footer> css main { display: flex; text-align:center; } main > article { flex:1; order: 2; } main > nav { width: 200px; order: 1; } main > aside { width: 200px; order: 3; } result specifications specification status comment css flexible bo...
padding-left - CSS: Cascading Style Sheets
formal definition initial value0applies toall elements, except table-row-group, table-
header-group, table-footer-group, table-row, table-column-group and table-column.
padding-top - CSS: Cascading Style Sheets
formal definition initial value0applies toall elements, except table-row-group, table-
header-group, table-footer-group, table-row, table-column-group and table-column.
padding - CSS: Cascading Style Sheets
formal definition initial valueas each of the properties of the shorthand:padding-bottom: 0padding-left: 0padding-right: 0padding-top: 0applies toall elements, except table-row-group, table-
header-group, table-footer-group, table-row, table-column-group and table-column.
var() - CSS: Cascading Style Sheets
examples :root { --main-bg-color: pink; } body { background-color: var(--main-bg-color); } /* fallback */ /* in the component’s style: */ .component .
header { color: var(--
header-color, blue); /*
header-color isn’t set, and so remains blue, the fallback value */ } .component .text { color: var(--text-color, black); } /* in the larger application’s style: */ .component { --text-color: #080; } specifications specification status comment css custom properties for cascading variables module level 1the definition...
Block formatting context - Developer guides
anonymous table cells implicitly created by the elements with display: table, table-row, table-row-group, table-
header-group, table-footer-group (which is the default for html tables, table rows, table bodies, table
headers, and table footers, respectively), or inline-table.
HTML5 - Developer guides
semantics sections and outlines in html5 a look at the new outlining and sectioning elements in html5: <section>, <article>, <nav>, <
header>, <footer> and <aside>.
<h1>–<h6>: The HTML Section Heading elements - HTML: Hypertext Markup Language
example <
header> <nav aria-labelledby="primary-navigation"> <h2 id="primary-navigation">primary navigation</h2> <!-- navigation items --> </nav> </
header> <!-- page content --> <footer> <nav aria-labelledby="footer-navigation"> <h2 id="footer-navigation">footer navigation</h2> <!-- navigation items --> </nav> </footer> in this example, screen reading technology would announce that the...
<article>: The Article Contents element - HTML: Hypertext Markup Language
examples <article class="film_review"> <
header> <h2>jurassic park</h2> </
header> <section class="main_review"> <p>dinos were great!</p> </section> <section class="user_reviews"> <article class="user_review"> <p>way too scary for me.</p> <footer> <p> posted on <time datetime="2015-05-16 19:00">may 16</time> by lisa.
<figure>: The Figure with Optional Caption element - HTML: Hypertext Markup Language
using <code>navigator</code>.</figcaption> <pre> function navigatorexample() { var txt; txt = "browser codename: " + navigator.appcodename + "; "; txt+= "browser name: " + navigator.appname + "; "; txt+= "browser version: " + navigator.appversion + "; "; txt+= "cookies enabled: " + navigator.cookieenabled + "; "; txt+= "platform: " + navigator.platform + "; "; txt+= "user-agent
header: " + navigator.useragent + "; "; console.log("navigatorexample", txt); } </pre> </figure> quotations <figure> <figcaption><cite>edsger dijkstra:</cite></figcaption> <blockquote>if debugging is the process of removing software bugs, then programming must be the process of putting them in.</blockquote> </figure> poems <figure> <p style="white-space:pre"> bid me discourse, i wi...
<main> - HTML: Hypertext Markup Language
<body> <a href="#main-content">skip to main content</a> <!-- navigation and
header content --> <main id="main-content"> <!-- main page content --> </main> </body> webaim: "skip navigation" links reader mode browser reader mode functionality looks for the presence of the <main> element, as well as heading and content sectioning elements when converting content into a specialized reader view.
<p>: The Paragraph element - HTML: Hypertext Markup Language
the end tag may be omitted if the <p> element is immediately followed by an <address>, <article>, <aside>, <blockquote>, <div>, <dl>, <fieldset>, <footer>, <form>, <h1>, <h2>, <h3>, <h4>, <h5>, <h6>, <
header>, <hr>, <menu>, <nav>, <ol>, <pre>, <section>, <table>, <ul> or another <p> element, or if there is no more content in the parent element and the parent element is not an <a> element.
Link types: noopener - HTML: Hypertext Markup Language
this is especially useful when opening untrusted links, in order to ensure they cannot tamper with the originating document via the window.opener property (see about rel=noopener for more details), while still providing the referer http
header (unless noreferrer is used as well).
Link types: noreferrer - HTML: Hypertext Markup Language
the noreferrer keyword for the rel attribute of the <a>, <area>, and <form> elements instructs the browser, when navigating to the target resource, to omit the referer
header and otherwise leak no referrer information — and additionally to behave as if the noopener keyword were also specified.
Choosing between www and non-www URLs - HTTP
example: a server receives a request for http://www.example.org/whaddup (when the canonical domain is example.org) the server answers with a code 301 with the
header location: http://example.org/whaddup.
Identifying resources on the Web - HTTP
there are sometimes reasons identity and location are not given by the same uri: http uses a specific http
header, alt-svc when the resource requested wants the client to access it at another location.
CSP: base-uri - HTTP
examples meta tag configuration <meta http-equiv="content-security-policy" content="base-uri 'self'"> apache configuration <ifmodule mod_
headers.c>
header set content-security-policy "base-uri 'self'"; </ifmodule> nginx configuration add_
header content-security-policy "base-uri 'self';" violation case since your domain isn't example.com, a <base> element with its href set to https://example.com will result in a csp violation.
CSP: child-src - HTTP
examples violation cases given this csp
header: content-security-policy: child-src https://example.com/ this <iframe> and worker are blocked and won't load: <iframe src="https://not-example.com"></iframe> <script> var blockedworker = new worker("data:application/javascript,..."); </script> specifications specification status comment content security policy level 3the definition of 'child-src' in that specificat...
CSP: connect-src - HTTP
examples violation cases given this csp
header: content-security-policy: connect-src https://example.com/ the following connections are blocked and won't load: <a ping="https://not-example.com"> <script> var xhr = new xmlhttprequest(); xhr.open('get', 'https://not-example.com/'); xhr.send(); var ws = new websocket("https://not-example.com/"); var es = new eventsource("https://not-example.com/"); navigator.sendbeacon("https:...
CSP: default-src - HTTP
the following
header: content-security-policy: default-src 'self'; script-src https://example.com is the same as: content-security-policy: connect-src 'self'; font-src 'self'; frame-src 'self'; img-src 'self'; manifest-src 'self'; media-src 'self'; object-src 'self';...
CSP: font-src - HTTP
examples violation cases given this csp
header: content-security-policy: font-src https://example.com/ the following font resource loading is blocked and won't load: <style> @font-face { font-family: "myfont"; src: url("https://not-example.com/font"); } body { font-family: "myfont"; } </style> specifications specification status comment content security policy level 3the definition of 'font-src...
CSP: form-action - HTTP
examples meta tag configuration <meta http-equiv="content-security-policy" content="form-action 'none'"> apache configuration <ifmodule mod_
headers.c>
header set content-security-policy "form-action 'none'; </ifmodule> nginx configuration add_
header content-security-policy "form-action 'none';" violation case using a <form> element with an action set to inline javascript will result in a csp violation.
CSP: frame-src - HTTP
examples violation cases given this csp
header: content-security-policy: frame-src https://example.com/ the following <iframe> is blocked and won't load: <iframe src="https://not-example.com/"></iframe> specifications specification status comment content security policy level 3the definition of 'frame-src' in that specification.
CSP: img-src - HTTP
examples violation cases given this csp
header: content-security-policy: img-src https://example.com/ the following <img> is blocked and won't load: <img src="https://not-example.com/foo.jpg" alt="example picture"> specifications specification status comment content security policy level 3the definition of 'img-src' in that specification.
CSP: manifest-src - HTTP
examples violation cases given this csp
header: content-security-policy: manifest-src https://example.com/ the following <link> is blocked and won't load: <link rel="manifest" href="https://not-example.com/manifest"> specifications specification status comment content security policy level 3the definition of 'manifest-src' in that specification.
CSP: media-src - HTTP
examples violation cases given this csp
header: content-security-policy: media-src https://example.com/ the following <audio>, <video> and <track> elements are blocked and won't load: <audio src="https://not-example.com/audio"></audio> <video src="https://not-example.com/video"> <track kind="subtitles" src="https://not-example.com/subtitles"> </video> specifications specification status comment content secu...
CSP: object-src - HTTP
examples violation cases given this csp
header: content-security-policy: object-src https://example.com/ the following <object>, <embed>, and <applet> elements are blocked and won't load: <embed src="https://not-example.com/flash"></embed> <object data="https://not-example.com/plugin"></object> <applet archive="https://not-example.com/java"></applet> specifications specification status comment content security...
CSP: prefetch-src - HTTP
example prefetch resources do not match
header given a page with the following content security policy: content-security-policy: prefetch-src https://example.com/ fetches for the following code will return network errors, as the urls provided do not match prefetch-src's source list: <link rel="prefetch" src="https://example.org/"></link> <link rel="prerender" src="https://example.org/"></link> specification specification st...
Promise.prototype.then() - JavaScript
return fetch('current-data.json').then(response => { if (response.
headers.get('content-type') != 'application/json') { throw new typeerror(); } var j = response.json(); // maybe do something with j return j; // fulfillment value given to user of // fetch_current_data().then() }); } if onfulfilled returns a promise, the return value of then will be resolved/rejected by the promise.
SharedArrayBuffer - JavaScript
for top-level documents, two
headers will need to be set to cross-origin isolate your site: cross-origin-opener-policy with same-origin as value (protects your origin from attackers) cross-origin-embedder-policy with require-corp as value (protects victims from your origin) cross-origin-opener-policy: same-origin cross-origin-embedder-policy: require-corp to check if cross origin isolation has been successful, you can test ...
encodeURIComponent() - JavaScript
o be more stringent in adhering to rfc 3986 (which reserves !, ', (, ), and *), even though these characters have no formalized uri delimiting uses, the following can be safely used: function fixedencodeuricomponent(str) { return encodeuricomponent(str).replace(/[!'()*]/g, function(c) { return '%' + c.charcodeat(0).tostring(16); }); } examples encoding for content-disposition and link
headers the following example provides the special encoding required within utf-8 content-disposition and link server response
header parameters (e.g., utf-8 filenames): var filename = 'my file(2).txt'; var
header = "content-disposition: attachment; filename*=utf-8''" + encoderfc5987valuechars(filename); console.log(
header); // logs "content-disposition: attachment; filename*=utf-8''my%2...
Using dns-prefetch - Web Performance
second, it’s also possible to specify dns-prefetch (and other resources hints) as an http
header by using the http link field: link: <https://fonts.gstatic.com/>; rel=dns-prefetch third, consider pairing dns-prefetch with the preconnect hint.
Web Performance
this article explains the tls handshake process, and offers some tips for reducing this time, such as ocsp stapling, hsts preload
headers, and the potential role of resource hints in masking tls latency for third parties.
Mobile first - Progressive web apps (PWAs)
our html looks like this: <article> <nav> <ul> <li><a href="#">home</a></li> <li><a href="#">articles</a></li> <li><a href="#">videos</a></li> <li><a href="#">work</a></li> <li><a href="#">about</a></li> <li><a href="#">contact</a></li> </ul> </nav> <
header> <a id="top" href="#bottom">jump to menu</a> <h1>my article</h1> </
header> <div class="main"> <p>lorem ipsum … </p> <a id="bottom" href="#top">back to top</a> </div> </article> <button id="install-btn">install</button> default mobile css for the css, i first added some styles into our app.css stylesheet to provide a reasonable narrow-screen layout.
display - SVG: Scalable Vector Graphics
&& list-item<display-internal> = table-row-group | table-
header-group | table-footer-group | table-row | table-cell | table-column-group | table-column | table-caption | ruby-base | ruby-text | ruby-base-container | ruby-text-container<display-box> = contents | none<display-legacy> = inline-block | inline-list-item | inline-table | inline-flex | inline-grid animatable yes for a description of the values, please refer to the css display prop...