Search completed in 1.39 seconds.
Signing an XPI - Archive of obsolete content
see
signing and distributing your add-on.
...see
signing an extension for a practical guide.
... introduction this article describes how to sign your own firefox extensions with a code-
signing certificate on a windows platform.
...And 38 more matches
Signing Mozilla apps for Mac OS X
signing mozilla apps without the
signing server firefox and thunderbird are built using mozilla's release automation infrastructure.
... on mac os x, part of this infrastructure is automatic
signing of the ".app" folder using apple's codesign tool.
...apple's code
signing guide is also a good resource on the subject.
...And 13 more matches
Signing an extension - Archive of obsolete content
see
signing and distributing your add-on.
... this article describes how to digitally sign your extension for firefox and thunderbird, with a code
signing certificate for object
signing.
... get the
signing tool we use nss to sign an extension.
...And 7 more matches
FC_SignInit
name fc_
signinit - initialize a
signing operation.
... syntax ck_rv fc_
signinit( ck_session_handle hsession, ck_mechanism_ptr pmechanism, ck_object_handle hkey ); parameters hsession [in] session handle.
... pmechanism [in] mechanism to be used for the subsequent
signing operation.
...And 3 more matches
JS_IsAssigning
syntax jsbool js_isas
signing(jscontext *cx); name type description description js_isas
signing returns true if a script is executing and its current bytecode is a set (assignment) operation, even if there are native (no script) stack frames between the script and the caller to js_isas
signing.
Index
when checking whether a certificate is trusted or not, it's necessary to find a relevant trust anchor (root certificate) that represents the
signing capability of a trusted third party, usually called a certificate authority (ca).
...the usual approach is to create a certificate
signing request (csr) as soon as an application is done with the creation step, which will have created a handle to the key pair, and which can be used for the necessary related operations, like producing a proof-of-ownership of the private key, which is usually required when submitting the public key with a csr to a ca.
...(a personal certificate is a certificate for which the private key is in possession, and which could be used for
signing data or for decrypting data.) a unique nickname can/should be assigned to the certificate at the time of import, which can later be used to easily identify and retrieve it.
...And 77 more matches
NSS tools : signtool
name -s size -b basename [[-c compression level] ] [[-d cert-dir] ] [[-i installer script] ] [[-m metafile] ] [[-x name] ] [[-f filename] ] [[-t|--token tokenname] ] [[-e extension] ] [[-o] ] [[-z] ] [[-x] ] [[--outfile] ] [[--verbose value] ] [[--norecurse] ] [[--leavearc] ] [[-j directory] ] [[-z jarfile] ] [[-o] ] [[-p password] ] [directory-tree] [archive] description the
signing tool, signtool, creates digital signatures and uses a java archive (jar) file to associate the signatures with files in a directory.
...digital signatures allow ssl-enabled clients to perform two important operations: * confirm the identity of the individual, company, or other entity whose digital signature is associated with the files * check whether the files have been tampered with since being signed if you have a
signing certificate, you can use netscape
signing tool to digitally sign files and package them as a jar file.
... an object-
signing certificate is a special kind of certificate that allows you to associate your digital signature with one or more files.
...And 57 more matches
Introduction to Public-Key Cryptography - Archive of obsolete content
ssl protocol signed and encrypted email single sign-on object
signing ssl protocol the secure sockets layer (ssl) protocol is a set of rules governing server authentication, client authentication, and encrypted communication between servers and clients.
... object
signing communicator supports a set of tools and technologies called object
signing.
... object
signing uses standard techniques of public-key cryptography to let users get reliable information about code they download in much the same way they can get reliable information about shrink-wrapped software.
...And 9 more matches
SubtleCrypto.sign() - Web APIs
key is a cryptokey object containing the key to be used for
signing.
... exceptions the promise is rejected when the following exception is encountered: invalidaccesserror raised when the
signing key is not a key for the request
signing algorithm or when trying to use an algorithm that is either unknown or isn't suitable for
signing.
... supported algorithms the web crypto api provides four algorithms that can be used for
signing and signature verification.
...And 7 more matches
Getting Started Guide
however, be aware that if you should have queried but didn't, e.g., when as
signing in a raw pointer where c++ allows the assignment, but xpcom wouldn't, nscomptr will assert at runtime.
...after learning how nscomptr automatically addrefs a pointer as it is being assigned in, the natural assumption is that it does the same thing when as
signing out.
... as
signing into a raw pointer nsifoo* raw_foo = foo; // 2.
...And 6 more matches
A Web PKI x509 certificate primer
one issue that is not commonly known is that the x509 trust graph is not a forest (a bunch of trees where each root is a trusted root) but a cyclic graph, where the same key/issuer can be a root or an intermediate for another root in the browsers key store (when roots create intermediates for each other it is called cross-
signing).
...examples of extended key usages are: serverauth, clientauth, and ocsp
signing.
...generate csr using this command: openssl req -new -key key.pem -days 1096 -extensions v3_ca -batch -out example.csr -utf8 -subj '/cn=www.example.com' this creates a new certificate
signing request (csr) that will be valid for 3 years.
...And 5 more matches
NSS tools : certutil
there are three available trust categories for each certificate, expressed in the order ssl, email, object
signing for each trust setting.
...ne, any, or all of the attribute codes: + p - valid peer + p - trusted peer (implies p) + c - valid ca + t - trusted ca to issue client certificates (implies c) + c - trusted ca to issue server certificates (ssl only) (implies c) + u - certificate can be used for authentication or
signing + w - send warning (use with other attributes to include a warning when the certificate is used in that context) the attribute codes for the categories are separated by commas, and the entire set of attributes enclosed by quotation marks.
...there are several available keywords: + digital signature + nonrepudiation + keyencipherment + dataencipherment + keyagreement + cert
signing + crl
signing + critical -2 add a basic constraint extension to a certificate that is being created or added to a database.
...And 4 more matches
certutil
there are three available trust categories for each certificate, expressed in the order ssl, email, object
signing for each trust setting.
...one, any, or all of the attribute codes: o p - valid peer o p - trusted peer (implies p) o c - valid ca o t - trusted ca to issue client certificates (implies c) o c - trusted ca to issue server certificates (ssl only) (implies c) o u - certificate can be used for authentication or
signing o w - send warning (use with other attributes to include a warning when the certificate is used in that context) the attribute codes for the categories are separated by commas, and the entire set of attributes enclosed by quotation marks.
... there are several available keywords: o digital signature o nonrepudiation o keyencipherment o dataencipherment o keyagreement o cert
signing o crl
signing o critical -2 add a basic constraint extension to a certificate that is being created or added to a database.
...And 4 more matches
PKCS11 Implement
it uses a single session for all single-part rsa operations such as logging in, logging out,
signing, verifying, generating keys, wrapping keys, and so on.
...
signing tokens include a
signing certificate and are used to sign objects or messages or to perform ssl authentication.
...
signing and decryption tokens can be used for s/mime and for encrypted transactions over unsecured networks such as the internet.
...And 3 more matches
generateCRMFRequest() - Archive of obsolete content
acceptable values are (the mentioned values for keyusage pertain to the keyusage value of the certificate extension that will ultimately be in the issued certificate): "rsa-ex" - generate an rsa key for key exchange only (this will have eyencipherment set for keyusage.) "rsa-dual-use" - generate a single rsa key for both
signing and encryption.
... (this will have digitalsignature, keyencipherment, and nonrepudiation set for keyusage.) "rsa-sign" - generate an rsa key for
signing only.
...(this will have non-repudiation set for keyusage.) "rsa-sign-nonrepudiation" - generate a single rsa key use for both
signing and nonrepudiation.
...And 2 more matches
Your first form - Learn web development
overview: forms next the first article in our series provides you with your very first experience of creating a web form, including de
signing a simple form, implementing it using the right html form controls and other html elements, adding some very simple styling via css, and describing how data is sent to a server.
... objective: to gain familiarity with what web forms are, what they are used for, how to think about de
signing them, and the basic html elements you'll need for simple cases.
... de
signing your form before starting to code, it's always better to step back and take the time to think about your form.
...And 2 more matches
McCoy
specifically, it focuses on the process of digitally
signing update manifests so the applications can verify the integrity of a manifest retrieved over normally insecure channels.
...
signing from command line currently there is no support to run mccoy from command line under windows, but it is planned to add this support in the future.
... however, there are several external and unofficial tools which enable
signing from command line: uhura - part of the mxtools package from softlights http://www.softlights.net/projects/mxtools/uhura.html signontheline - an extension to mccoy - important: you have to checkout rev 222, later revisions are not working in mccoy!
...And 2 more matches
An overview of NSS Internals
when checking whether a certificate is trusted or not, it's necessary to find a relevant trust anchor (root certificate) that represents the
signing capability of a trusted third party, usually called a certificate authority (ca).
...the usual approach is to create a certificate
signing request (csr) as soon as an application is done with the creation step, which will have created a handle to the key pair, and which can be used for the necessary related operations, like producing a proof-of-ownership of the private key, which is usually required when submitting the public key with a csr to a ca.
...(a personal certificate is a certificate for which the private key is in possession, and which could be used for
signing data or for decrypting data.) a unique nickname can/should be assigned to the certificate at the time of import, which can later be used to easily identify and retrieve it.
...And 2 more matches
Enc Dec MAC Using Key Wrap CertReq PKCS10 CSR
generates encryption/mac keys and outputs public key as pkcs11 certificate
signing request /* this source code form is subject to the terms of the mozilla public * license, v.
...r, "%-30s - certificate serial number\n\n", "-m <serialnumber>"); fprintf(stderr, "%-30s - certificate nickname\n\n", "-n <nickname>"); fprintf(stderr, "%-30s - certificate trust\n\n", "-t <trustargs>"); fprintf(stderr, "%-30s - certificate issuer nickname\n\n", "-u <issuernickname>"); fprintf(stderr, "%-30s - certificate
signing request \n\n", "-r <csr>"); fprintf(stderr, "%-30s - generate a self-signed cert [optional]\n\n", "-x"); fprintf(stderr, "%-30s - to enable ascii [optional]\n\n", "-a"); fprintf(stderr, "%-30s - to save certificate to header file as sig verification [optional]\n\n", "-v"); exit(-1); } /* * validate the options used f...
... = pr_open(infilename, pr_rdonly, 0); if (!infile) { pr_fprintf(pr_stderr, "unable to open \"%s\" for reading.\n", infilename); rv = secfailure; goto cleanup; } /* sign using private key */ sgn = sgn_newcontext(sec_oid_pkcs1_md5_with_rsa_encryption, pk); if (!sgn) { pr_fprintf(pr_stderr, "unable to create context for
signing\n"); rv = secfailure; goto cleanup; } rv = sgn_begin(sgn); if (rv != secsuccess) { pr_fprintf(pr_stderr, "problem while sgn_begin\n"); goto cleanup; } while ((nb = pr_read(infile, ibuf, sizeof(ibuf))) > 0) { rv = sgn_update(sgn, ibuf, nb); if (rv != secsuccess) { pr_fprintf(pr_stderr, "problem while sgn_u...
...And 2 more matches
nss tech note3
there are 8 key usages: cert_sign crl_sign data_encipherment digital_signature govt_approved key_agreement key_encipherment non_repudiation there are 9 cert types: email email_ca object_
signing object_
signing_ca ssl_ca ssl_client ssl_server status_responder time_stamp for the cert being checked, the requirements are: cert usage requried key usage required cert type -------------------- -------------------- ----------------------- sslclient: digital_signature; ssl_client; sslserver: key_agreement or key_encipherment; ssl_server; sslserverwithstepup: govt_approve...
...d and ssl_server key_agreement or key_encipherment sslca: cert_sign; ssl_ca; emailsigner: digital_signature; email; emailrecipient: key_agreement or key_encipherment; email; objectsigner: digital_signature; object_
signing; statusresponder: digital_signature; status_responder; verifyca cert_sign ssl_ca or email_ca or object_
signing_ca or status_responder for ca certs in the cert chain, the requirements are: cert usage requried key usage required cert type -------------------- -------------------- ----------------------- sslserverwithstepup: govt_approved and cert_sign; ssl_ca; sslclient: cert_sign; ssl_ca; sslserver: cert_sign; ssl_ca; sslca: cert_sign; ssl_ca; emailsigner: cert_sign; email_ca or ssl_ca emailrecipient: ...
...cert_sign; email_ca or ssl_ca objectsigner: cert_sign; object_
signing_ca; usageanyca: cert_sign; object_
signing_ca or email_ca or ssl_ca; statusresponder: cert_sign; object_
signing_ca or email_ca or ssl_ca; note: when the required key usage is key_agreement or key_encipherment, the actual key usage required depends on the key's algorithm.
...And 2 more matches
NSS Tools modutil
to declare meta-information in the manifest file, put it in a file that is passed to the netscape
signing tool.
...if so, the metainfo file for the netscape
signing tool would include a line such as this: + pkcs11_install_script: pk11install the sample script file could contain the following: forwardcompatible { irix:6.2:mips sunos:5.5.1:sparc }platforms { winnt::x86 { modulename { "fortezza module" } modulefile { win32/fort32.dll } defaultmechanismflags{0x0001} defaultcipherflags{0x0001} files { win32/setup.exe { executable relativepath { %temp%/setup.exe } } win32/setup.hlp { relativepath { %temp%/setup.hlp } } win32/setup.cab { relativepath { %temp%/setup.cab } } } } win95::x86 {...
...this installation jar file was signed by: ---------------------------------------------- **subject name** c=us, st=california, l=mountain view, cn=cryptorific inc., ou=digital idclass 3 - netscape object
signing, ou="www.verisign.com/repository/cpsincorp.
...And 2 more matches
Mozilla internal string guide
str.assign(reversedstr); // modifies the string } this should not compile, because you're as
signing to a const class: void nsfoo::reversecharacters(const nsastring& str) { ...
... if you are as
signing an ascii literal to an nsacstring, use assignliteral().
... if you are as
signing a literal to an nsastring, use assignliteral() and make the literal a u"" literal.
...And 2 more matches
Setting Up a Development Environment - Archive of obsolete content
signing extensions in order to provide additional security for your users, you can choose to add a signature to your extension.
...signature_dir := signature # the
signing key /certificate file.
... signature_extra_files := $(build_dir)/meta-inf/manifest.mf \ $(build_dir)/meta-inf/zigbert.sf # the
signing key /certificate file.
... signature_rsa_file = $(build_dir)/meta-inf/zigbert.rsa# the
signing key /certificate file.
Responsive design - Learn web development
historic website layouts at one point in history you had two options when de
signing a website: you could create a liquid site, which would stretch to fill the browser window or a fixed width site, which would be a fixed size in pixels.
... these two approaches tended to result in a website that looked its best on the screen of the person de
signing the site!
...modern css layout methods are inherently responsive, and we have new things built into the web platform to make de
signing responsive sites easier.
...this is because the web has moved to this approach of de
signing responsively.
sample2
tf(stderr, "%-30s - output file name\n\n", "-o <opfilename>"); fprintf(stderr, "%-30s - certificate serial number\n\n", "-m <serialnumber>"); fprintf(stderr, "%-30s - certificate nickname\n\n", "-n <nickname>"); fprintf(stderr, "%-30s - certificate trust\n\n", "-t <trustargs>"); fprintf(stderr, "%-30s - certificate issuer nickname\n\n", "-u <issuernickname>"); fprintf(stderr, "%-30s - certificate
signing request \n\n", "-r <csr>"); fprintf(stderr, "%-30s - generate a self-signed cert [optional]\n\n", "-x"); fprintf(stderr, "%-30s - to enable ascii [optional]\n\n", "-a"); fprintf(stderr, "%-30s - to save certificate to header file as sig verification [optional]\n\n", "-v"); exit(-1); } /* * validate the options used for generate csr command */ static void validategeneratecsrcommand(const char *pr...
...file = null; sgncontext *sgn = null; /* open the input file for reading */ infile = pr_open(infilename, pr_rdonly, 0); if (!infile) { pr_fprintf(pr_stderr, "unable to open \"%s\" for reading.\n", infilename); rv = secfailure; goto cleanup; } /* sign using private key */ sgn = sgn_newcontext(sec_oid_pkcs1_md5_with_rsa_encryption, pk); if (!sgn) { pr_fprintf(pr_stderr, "unable to create context for
signing\n"); rv = secfailure; goto cleanup; } rv = sgn_begin(sgn); if (rv != secsuccess) { pr_fprintf(pr_stderr, "problem while sgn_begin\n"); goto cleanup; } while ((nb = pr_read(infile, ibuf, sizeof(ibuf))) > 0) { rv = sgn_update(sgn, ibuf, nb); if (rv != secsuccess) { pr_fprintf(pr_stderr, "problem while sgn_update\n"); goto cleanup; } } rv = sgn_end(sgn, res); if (rv != secsuccess) { pr_fprintf(pr_s...
...ibutes[0]->attrtype) == sec_oid_pkcs9_extension_request) { rv = cert_getcertificaterequestextensions(certreq, &crexts); if (rv != secsuccess) { pr_fprintf(pr_stderr, "%s\n", port_errortostring(rv)); goto cleanup; } rv = cert_mergeextensions(exthandle, crexts); if (rv != secsuccess) { pr_fprintf(pr_stderr, "%s\n", port_errortostring(rv)); goto cleanup; } } cert_finishextensions(exthandle); /* self-
signing a cert request, find the private key */ if (*selfsignprivkey == null) { *selfsignprivkey = pk11_findkeybydercert(slot, subjectcert, pwarg); if (!*selfsignprivkey) { pr_fprintf(pr_stderr, "failed to locate private key.\n"); rv = secfailure; goto cleanup; } } certder = signcert(handle, subjectcert, selfsign, hashalgtag, *selfsignprivkey, issuernickname,pwarg); if (certder) { if (ascii) { pr_fprint...
... encoding of request failed\n"); rv = secfailure; goto cleanup; } /* sign the request */ signalgtag = sec_getsignaturealgorithmoidtag(keytype, hashalgtag); if (signalgtag == sec_oid_unknown) { pr_fprintf(pr_stderr, "unknown key or hash type\n"); rv = secfailure; goto cleanup; } rv = sec_dersigndata(arena, &result, encoding->data, encoding->len, privk, signalgtag); if (rv) { pr_fprintf(pr_stderr, "
signing of data failed\n"); rv = secfailure; goto cleanup; } /* encode request in specified format */ if (ascii) { char *obuf; char *name, *email, *org, *state, *country; secitem *it; int total; it = &result; obuf = btoa_convertitemtoascii(it); total = pl_strlen(obuf); name = cert_getcommonname(subject); if (!name) { name = strdup("(not specified)"); } email = cert_getcertemailaddress(subject); if (!ema...
NSS functions
only mxr 3.2 and later nss_cmssigneddata_verifysignerinfo mxr 3.2 and later nss_cmssignerinfo_addmssmimeenckeyprefs mxr 3.6 and later nss_cmssignerinfo_addsmimecaps mxr 3.2 and later nss_cmssignerinfo_addsmimeenckeyprefs mxr 3.2 and later nss_cmssignerinfo_add
signingtime mxr 3.2 and later nss_cmssignerinfo_create mxr 3.2 and later nss_cmssignerinfo_createwithsubjkeyid mxr 3.6 and later nss_cmssignerinfo_destroy mxr 3.2 and later nss_cmssignerinfo_getcertlist mxr 3.2 and later nss_cmssignerinfo_getsignercommonname m...
...xr 3.2 and later nss_cmssignerinfo_getsigneremailaddress mxr 3.2 and later nss_cmssignerinfo_get
signingcertificate mxr 3.2 and later nss_cmssignerinfo_get
signingtime mxr 3.2 and later nss_cmssignerinfo_getverificationstatus mxr 3.2 and later nss_cmssignerinfo_getversion mxr 3.2 and later nss_cmssignerinfo_includecerts mxr 3.2 and later nss_cmsutil_verificationstatustostring mxr 3.2 and later nss_smimesignerinfo_savesmimeprofile mxr 3.4 and later nss_smimeutil_findbulkalgforrecipients mxr 3.2 and later pkcs #7 functions the public...
... function name/documentation source code nss versions sec_pkcs7addcertificate mxr 3.3 and later sec_pkcs7addrecipient mxr 3.2 and later sec_pkcs7add
signingtime mxr 3.2 and later sec_pkcs7containscertsorcrls mxr 3.4 and later sec_pkcs7contentisencrypted mxr 3.4 and later sec_pkcs7contentissigned mxr 3.4 and later sec_pkcs7contenttype mxr 3.2 and later sec_pkcs7copycontentinfo mxr 3.4 and later ...
...r sec_pkcs7getcertificatelist mxr 3.2 and later sec_pkcs7getcontent mxr 3.2 and later sec_pkcs7getencryptionalgorithm mxr 3.2 and later sec_pkcs7getsignercommonname mxr 3.4 and later sec_pkcs7getsigneremailaddress mxr 3.4 and later sec_pkcs7get
signingtime mxr 3.4 and later sec_pkcs7includecertchain mxr 3.2 and later sec_pkcs7iscontentempty mxr 3.2 and later sec_pkcs7setcontent mxr 3.4 and later sec_pkcs7verifydetachedsignature mxr 3.4 and later sec_pkcs7verifysignature mxr 3.2 and later ...
NSS Tools certutil
there are three available trust categories for each certificate, expressed in this order: "ssl ,email ,object
signing ".
... in each category position use zero or more of the following attribute codes: p prohibited (explicitly distrusted) p trusted peer c valid ca t trusted ca to issue client certificates (implies c) c trusted ca to issue server certificates (ssl only) (implies c) u certificate can be used for authentication or
signing w send warning (use with other attributes to include a warning when the certificate is used in that context) the attribute codes for the categories are separated by commas, and the entire set of attributes enclosed by quotation marks.
...this extension allows a certificate's key to be dedicated to supporting specific operations such as ssl server or object
signing.
...:c1:25:5a:33:98:16:52:78:24:80: c9:53:11:40:99:f5:bd:b8:e9:35:0e:5d:3e:38:6a:5c:10:d1: c6:f9:54:af:28:56:62:f4:2f:b3:9b:50:e1:c3:a2:ba:27:ee: 07:9f:89:2e:78:5c:6d:46:b6:5e:99:de:e6:9d:eb:d9:ff:b2: 5f:c6:f6:c6:52:4a:d4:67:be:8d:fc:dd:52:51:8e:a2:d7:15: 71:3e certificate trust flags: ssl flags: valid ca trusted ca email flags: valid ca trusted ca object
signing flags: valid ca trusted ca validating a certificate this example validates a certificate: certutil -v -n jsmith@netscape.com -b 9803201212z -u sr -e -l -d certdir the certificate database tool shows results similar to certificate:'jsmith@netscape.com' is valid.
Reference Manual
the fourth (applying the dont_queryinterface directive) is a synonym for just as
signing in a raw xpcom interface pointer of the same type.
...options for as
signing into an nscomptr.
...nt_queryinterface(t*) do_queryinterface(nsisupports*), do_queryinterface(nsisupports*, nsresult*) do_queryreferent(nsiweakreference*), do_queryreferent(nsiweakreference*, nsresult*) don't addref dont_addref(t*), getter_addrefs(t*) n/a e.g., one of the possibilities for as
signing into an nscomptr, but you don't want to addref the pointer you are as
signing (because it has already been addrefed for some reason) is dont_addref(t*) found at the intersection of "don't addref" and "don't qi".
...nscomptr<nsifoo> foo( dont_queryinterface(afooptr) ); // or foo = dont_queryinterface(afooptr); by using this form, you are promising that the pointer you are as
signing in is already a pointer to the xpcom-correct interface matching the nscomptrs underlying type, in this case, nsifoo.
PKCS #11 Netscape Trust Objects - Network Security Services
examples of purposes are: email, code
signing, authenticating a server.
... cka_trust_code_
signing ck_trust level of trust for code
signing purpose.
... cka_trust_key_cert_sign ck_trust level of trust for certificate
signing key usage purpose.
... cka_trust_key_crl_sign ck_trust level of trust for crl
signing key usage purpose.
SubtleCrypto.importKey() - Web APIs
*/ function importsecretkey(rawkey) { return window.crypto.subtle.importkey( "raw", rawkey, "aes-gcm", true, ["encrypt", "decrypt"] ); } pkcs #8 import this example imports an rsa private
signing key from a pem-encoded pkcs #8 object.
...q6pt0o/bgf2o+cedq0diylgk64cevwbwsbnsg4vzlbqriauejljwedajya4ee8y5a9l04dzv7njb5crak6crgxxay/mbjrftahxvlazgxypgsye6ufs0+3eommevvdzqbf4qecgyea0zf6vavz28+8wlo6sp3w8nmphk7k9tgevufq30sgdx4g7qpigfprbb4op/e0qcfsiimi3scppjvumqdvvzypoimub+rv3zoxkrzxeuorpopr48fzbl7rn90yrqsasrp9e4iv8qwb3vxle7x0tdqqnryqrc/osgzus2zchokmcu8= -----end private key-----`; /* import a pem encoded rsa private key, to use for rsa-pss
signing.
...data const binaryderstring = window.atob(pemcontents); // convert from a binary string to an arraybuffer const binaryder = str2ab(binaryderstring); return window.crypto.subtle.importkey( "spki", binaryder, { name: "rsa-oaep", hash: "sha-256" }, true, ["encrypt"] ); } json web key import this code imports an ecdsa private
signing key, given a json web key object that represents it.
... const jwkeckey = { "crv": "p-384", "d": "wouctu7nw4e8_7n5c1-xbjb4xqsb_lizhymsy8mggxuny6q8ncoh9xsiviwlffk_", "ext": true, "key_ops": ["sign"], "kty": "ec", "x": "szrrxmyi8vwfjg1dpunbfcc9jzvjzefh7ulki1ukxaltd7rgwrcffxqygpcwu6aq", "y": "hhuag3ovdzer0uuqnd4pxhqtxp5idgdyhjhl-wlkjngjqaw0rngy5v29-av-ysew" }; /* import a pem encoded rsa private key, to use for rsa-pss
signing.
SubtleCrypto.unwrapKey() - Web APIs
ey, // cryptokey representing key encryption key "aes-kw", // algorithm identifier for key encryption key "aes-gcm", // algorithm identifier for key to unwrap true, // extractability of key to unwrap ["encrypt", "decrypt"] // key usages for key to unwrap ); } unwrapping a "pkcs8" key in this example we unwrap an rsa-pss private
signing key.
...1,236,60,233, 160,172,68,169,2,5,252,190,20,54,115,248,63,93,107,156,8,96,85,32,189,118, 66,114,126,64,203,97,235,13,18,102,192,51,59,5,122,171,96,129,40,32,154,4, 191,234,75,184,112,201,244,110,50,216,44,88,139,175,58,112,7,52,25,64,112, 40,148,187,39,234,96,151,16,158,114,113,109,164,47,108,94,148,35,232,221, 33,110,126,170,25,234,45,165,180,210,193,120,247,155,127]; /* the unwrapped
signing key.
... */ let
signingkey; const signbutton = document.queryselector(".pkcs8 .sign-button"); /* convert an array of byte values to an arraybuffer.
... const saltbuffer = bytestoarraybuffer(saltbytes); // 3 derive the key from key material and salt return window.crypto.subtle.derivekey( { "name": "pbkdf2", salt: saltbuffer, "iterations": 100000, "hash": "sha-256" }, keymaterial, { "name": "aes-gcm", "length": 256}, true, [ "wrapkey", "unwrapkey" ] ); } /* unwrap an rsa-pss private
signing key from an arraybuffer containing the raw bytes.
cfx - Archive of obsolete content
--keydir=keydir supply a different location for
signing keys.
... --keydir=keydir supply a different location for
signing keys.
... internal options --keydir=keydir supply a different location for
signing keys.
Index - Archive of obsolete content
299
signing an xpi add-ons, code snippets, extensions, guide, needshelp, xpinstall this article describes how to sign your own firefox extensions with a code-
signing certificate on a windows platform.
... 300
signing an extension add-ons, administration, extensions, themes, xpinstall, enterprise this article describes how to digitally sign your extension for firefox and thunderbird, with a code
signing certificate for object
signing.
... 3416 bypassing security restrictions and
signing code security, web development early versions of firefox allowed web sites to segregate principals using signed scripts, and request extra permissions for scopes within signed scripts using a function called enableprivelege.
JavaScript crypto - Archive of obsolete content
services are provided to enable: smart card events, generating certificate requests, importing user certs, generating random numbers, logging out of your tokens, and
signing text.
... overview of the new cert issuing process user fills out enrollment form user action initiates script script calls key generation method (generatecrmfrequest)
signing and encryption keys are generated encryption private key is wrapped with public key of key recovery authority (kra) (passed in in the form of a certificate as part of the script, and checked against a pre-installed certificate copy in the local certificate database) the public keys, wrapped encryption private key, and text string from the script (possibly containing naming or enrollment info) ...
...pe=submit name="load" value="submit"></p> </form> <script> /* the following values could be filled in by the server cgi */ var nickname= "mycertnickname"; var cert = "mkjflakdjfiwjflaksufklasf ..."; var forcebackup = false; function loadcertificate() { window.crypto.importusercertificates(nickname, cert, forcebackup); return false; } document.forms[0].onsubmit = loadcertificate; </script>
signing text domstring signtext(domstring stringtosign, domstring caoption /* ...
deck - Archive of obsolete content
you may select an item by as
signing its index to this property.
... by as
signing -1 to this property, all items will be deselected.
...as
signing a value to this property will modify the selected panel.
tabbox - Archive of obsolete content
you may select an item by as
signing its index to this property.
... by as
signing -1 to this property, all items will be deselected.
...as
signing a value to this property will modify the selected panel.
tabpanels - Archive of obsolete content
you may select an item by as
signing its index to this property.
... by as
signing -1 to this property, all items will be deselected.
...as
signing a value to this property will modify the selected panel.
Creating localizable web applications
good: body.de foo, body.fr foo, body.pl foo { /* locale-specific rules for the foo element */ width: 10em; /* originally 8em */ } adapt the interaction to rtl locales right-to-left locales not only require good images handling (see images), but also should be taken into account when de
signing the interaction on the website.
...bad: <p id="breadcrumbs"> <?printf(_("<a href=\"%s\">personas home</a> : <a href=\"%s\">sign in</a> : forgot your password?"), $locale_conf->url('/'), $locale_conf->url('/
signin'));?> </p> snippet 6.
..._("forgot your password?"), $locale_conf->url('/'), $locale_conf->url('/
signin'));?> </p> snippet 7.
NSS 3.16.3 release notes
:e1:25:f5:c8:36 cn = quovadis root ca 3 g3 sha1 fingerprint: 48:12:bd:92:3c:a8:c4:39:06:e7:30:6d:27:96:e6:a4:cf:22:2e:7d the trust bits were changed for the following ca certificates ou = class 3 public primary certification authority sha1 fingerprint: a1:db:63:93:91:6f:17:e4:18:55:09:40:04:15:c7:02:40:b0:ae:6b turned off websites and code
signing trust bits (1024-bit root) ou = class 3 public primary certification authority sha1 fingerprint: 74:2c:31:92:e6:07:e4:24:eb:45:49:54:2b:e1:bb:c5:3e:61:74:e2 turned off websites and code
signing trust bits (1024-bit root) ou = class 2 public primary certification authority - g2 sha1 fingerprint: b3:ea:c4:47:76:c9:c8:1c:ea:f2:9d:95:b6:cc:a0:08:1b:67...
...:ec:9d turned off code
signing trust bit (change requested by ca) cn = verisign class 2 public primary certification authority - g3 sha-1 fingerprint: 61:ef:43:d7:7f:ca:d4:61:51:bc:98:e0:c3:59:12:af:9f:eb:63:11 turned off code
signing trust bit (change requested by ca) cn = ac raíz certicámara s.a.
... sha1 fingerprint: cb:a1:c5:f8:b0:e3:5e:b8:b9:45:12:d3:f9:34:a2:e9:06:10:d3:36 turned off websites trust bit (change requested by ca) cn = netlock uzleti (class b) tanusitvanykiado sha1 fingerprint: 87:9f:4b:ee:05:df:98:58:3b:e3:60:d6:33:e7:0d:3f:fe:98:71:af turned off websites and code
signing trust bits (1024-bit root) cn = netlock expressz (class c) tanusitvanykiado sha1 fingerprint: e3:92:51:2f:0a:cf:f5:05:df:f6:de:06:7f:75:37:e1:65:ea:57:4b turned off websites and code
signing trust bits (1024-bit root) bugs fixed in nss 3.16.3 this bugzilla query returns all the bugs fixed in nss 3.16.3: https://bugzilla.mozilla.org/buglist.cgi?resolution=fixed&classification=components&query_format=advanced&product=nss&tar...
nss tech note7
rsa
signing and encryption with nss nss technical note: 7 this technical note explains how to use nss to perform rsa
signing and encryption.
... the industry standard for rsa
signing and encryption is pkcs #1.
... functions rsa
signing and encryption functions are provided by two layers of nss function: the sgn_ and vfy_ functions in cryptohi.h, and the pk11_ functions in pk11pub.h.
NSS tools : modutil
modutil -dbdir sql:/home/mt"jar-install-filey/sharednssdb -jar install.jar -installdir sql:/home/my/sharednssdb this installation jar file was signed by: ---------------------------------------------- **subject name** c=us, st=california, l=mountain view, cn=cryptorific inc., ou=digital id class 3 - netscape object
signing, ou="www.verisign.com/repository/cps incorp.
...liability ltd.(c)97 verisign, ou=verisign object
signing ca - class 3 organization, ou="verisign, inc.", o=verisign trust network **issuer name**, ou=www.verisign.com/cps incorp.by ref.
... liability ltd.(c)97 verisign, ou=verisign object
signing ca - class 3 organization, ou="verisign, inc.", o=verisign trust network ---------------------------------------------- do you wish to continue this installation?
NSS Tools
source, documentation, tasks/plans cmsutil 1.0 performs basic cms operations such as encrypting, decrypting, and
signing messages.
...for additional information about this tool, see object
signing.
...for additional information about this tool, see form
signing ...
NSS tools : modutil
modutil -dbdir sql:/home/mt"jar-install-filey/sharednssdb -jar install.jar -installdir sql:/home/my/sharednssdb this installation jar file was signed by: ---------------------------------------------- **subject name** c=us, st=california, l=mountain view, cn=cryptorific inc., ou=digital id class 3 - netscape object
signing, ou="www.verisign.com/repository/cps incorp.
...liability ltd.(c)97 verisign, ou=verisign object
signing ca - class 3 organization, ou="verisign, inc.", o=verisign trust network **issuer name**, ou=www.verisign.com/cps incorp.by ref.
... liability ltd.(c)97 verisign, ou=verisign object
signing ca - class 3 organization, ou="verisign, inc.", o=verisign trust network ---------------------------------------------- do you wish to continue this installation?
Applying styles and colors - Web APIs
this is done by either setting the globalalpha property or by as
signing a semi-transparent color to the stroke and/or fill style.
... // as
signing transparent colors to stroke and fill style ctx.strokestyle = 'rgba(255, 0, 0, 0.5)'; ctx.fillstyle = 'rgba(255, 0, 0, 0.5)'; the rgba() function is similar to the rgb() function but it has one extra parameter.
...therefore, as
signing the black color at position 0.5 automatically makes the gradient, from the start to this stop, black.
PasswordCredential - Web APIs
id: the id of the user
signing in.
... name: (optional) the name of the user
signing in.
... password: the password of the user
signing in.
Mobile Web Development - Developer guides
we've organized it into two sections, de
signing for mobile devices and cross-browser compatibility.
... de
signing for mobile devices mobile devices have quite different hardware characteristics compared with desktop or laptop computers.
...see this article on de
signing for touch screens.
A re-introduction to JavaScript (JS tutorial) - JavaScript
we'll talk about variables later, but in javascript it is possible to declare a variable without as
signing a value to it.
... var a; var name = 'simon'; an example of scope with a variable declared with var: // myvarvariable *is* visible out here for (var myvarvariable = 0; myvarvariable < 5; myvarvariable++) { // myvarvariable is visible to the whole function } // myvarvariable *is* visible out here if you declare a variable without as
signing any value to it, its type is undefined.
... function personfullname() { return this.first + ' ' + this.last; } function personfullnamereversed() { return this.last + ', ' + this.first; } function person(first, last) { this.first = first; this.last = last; this.fullname = personfullname; this.fullnamereversed = personfullnamereversed; } that's better: we are creating the method functions only once, and as
signing references to them inside the constructor.
Arrow function expressions - JavaScript
however, note that in // this example we are not as
signing `length` value to the made up property.
... this.age++; }, 1000); } var p = new person(); in ecmascript 3/5, the this issue was fixable by as
signing the value in this to a variable that could be closed over.
... strict mode should prevent creating global variables when as
signing to an undeclared identifier in a function.
Destructuring assignment - JavaScript
function f() { return [1, 2]; } let a, b; [a, b] = f(); console.log(a); // 1 console.log(b); // 2 ignoring some returned values you can ignore return values that you're not interested in: function f() { return [1, 2, 3]; } const [a, , b] = f(); console.log(a); // 1 console.log(b); // 3 const [c] = f(); console.log(c); // 1 you can also ignore all returned values: [,,] = f(); as
signing the rest of an array to a variable when destructuring an array, you can unpack and assign the remaining part of it to a variable using the rest pattern: const [a, ...b] = [1, 2, 3]; console.log(a); // 1 console.log(b); // [2, 3] be aware that a syntaxerror will be thrown if a trailing comma is used on the left-hand side with a rest element: const [a, ...b,] = [1, 2, 3]; // syntaxerror: rest...
... as
signing to new variable names a property can be unpacked from an object and assigned to a variable with a different name than the object property.
... const {a = 10, b = 5} = {a: 3}; console.log(a); // 3 console.log(b); // 5 as
signing to new variables names and providing default values a property can be both 1) unpacked from an object and assigned to a variable with a different name and 2) assigned a default value in case the unpacked value is undefined.
Strict mode - JavaScript
in normal code as
signing to nan does nothing; the developer receives no failure feedback.
... in strict mode as
signing to nan throws an exception.
... x; } the simple alternative of as
signing the object to a short name variable, then accessing the corresponding property on that variable, stands ready to replace with.
ui/button/action - Archive of obsolete content
responding to click events you can respond to click events by as
signing a listener to the button's click event.
... you can do this in the button's constructor, by as
signing the listener to the onclick option.
ui/button/toggle - Archive of obsolete content
responding to click events you can respond to click events by as
signing a listener to the button's click or change events.
... you can do this in the button's constructor, by as
signing the listener to the onclick or onchange option.
jpm - Archive of obsolete content
jpm sign --api-key ${jwt_issuer} --api-secret ${jwt_secret} this submits an xpi it to the addons.mozilla.org
signing api, then downloads a signed xpi to the working directory if it passes validation.
... --api-url-prefix=http://.../api an optional api url prefix in case you'd like to use a pre-production
signing api.
Extension Versioning, Update and Compatibility - Archive of obsolete content
and all popular (scripting) languages offer support, for examples: python, perl: cpan digest, php
signing update manifests if you wish to serve your update rdf over regular http, gecko 1.9 based applications will require that you digitally sign the update manifest to ensure that it's information isn't tampered with between you creating it and applications retrieving it.
... the technical details of the
signing mechanism are beyond the scope of this document however the basics are as follows: step 1 - done once, before you publish your add-on the target: adding updatekey in install.rdf the add-on author creates a public/private rsa cryptographic key pair.
Chapter 3: Introduction to XUL—How to build a more intuitive UI - Archive of obsolete content
radio button as
signing type="radio" to multiple menuitem elements and setting them to have the same name attribute groups them so that selecting one deselects all the others, much like radio buttons in html.
... <checkbox label="checkbox checked" checked="true"/> <checkbox label="checkbox unchecked" checked="false"/> listing 11: checkboxes in different state figure 11: output from listing 11 radio buttons radio buttons in html are multiple input elements grouped by as
signing them all the same name attribute.
Index of archived content - Archive of obsolete content
useful mozilla community sites user notifications and alerts xpcom objects performance best practices in extensions search extension tutorial (draft) security best practices in extensions session store api setting up an extension development environment
signing an xpi
signing an extension supporting search suggestions in search plugins tabbed browser techniques promises updating addons broken by private browsing changes using dependent libraries in extension components using the stylesheet service bookmarks.export()...
... index index of archived content inner-browsing extending the browser navigation paradigm install.js jxon list of former mozilla-based applications list of mozilla-based applications localizing an extension mmgc makefile - .mk files misc top level bypassing security restrictions and
signing code creating a web based tone generator defining cross-browser tooltips environment variables affecting crash reporting io guide images, tables, and mysterious gaps installing plugins to gecko embedding browsers on windows mcd, mission control desktop, aka autoconfig monitoring wifi access points no proxy ...
Digital Signatures - Archive of obsolete content
the content of the hashed data cannot, for all practical purposes, be deduced from the hash-which is why it is called "one-way." similarly, in public key encryption, a key pair is generated for digital
signing.
... the key pair consists of a private
signing key and a public verification key.
Index - MDN Web Docs Glossary: Definitions of Web-related terms
211 iana glossary, infrastructure iana (internet assigned numbers authority) is a subsidiary of icann charged with recording and/or as
signing domain names, ip addresses, and other names and numbers used by internet protocols.
...the mobile-first approach contrasts with the older approach of de
signing for desktop screen sizes first, and then only later adding some support for small screen sizes.
Overflowing content - Learn web development
you can constrain the size of these boxes by as
signing values of width and height (or inline-size and block-size).
...there may be more text than you expected when de
signing the site, or the text may be larger.
How to build custom form controls - Learn web development
de
signing new interactions is generally only an option for very large industry players who have enough reach that an interaction they create can become a standard.
... creating the look and feel using css now that we have a structure, we can start de
signing our control.
Componentizing our Svelte app - Learn web development
we will just declare the onclick prop as
signing a dummy handler to prevent errors, like this: export let onclick = (clicked) => {} and we'll declare the following reactive statement — $: onclick(filter) — to call the onclick handler whenever the filter variable is updated.
...thanks to svelte reactivity, as
signing the value of the editing variable will be enough to display the correct html elements.
Dynamic behavior in Svelte: working with variables and props - Learn web development
add this to the bottom of your <script> block inside src/components/todo.svelte: function addtodo() { todos.push({ id: 999, name: newtodoname, completed: false }) newtodoname = '' } note: for the moment we are just as
signing the same id to every todo, but don't worry, we will fix that soon.
...just as
signing one of these values to the filter variable will activate the filter and update the list of todos.
Git and GitHub - Learn web development
git is an example of a vcs, and github is a web site + infrastructure that provides a git server plus a number of really useful tools for working with git repositories individually or in teams, such as reporting issues with the code, reviewing tools, project management features such as as
signing tasks and task statuses, and more.
... mastering issues (from github) issues are like a forum for your github project, where people can ask questions and report problems, and you can manage updates (for example as
signing people to fix issues, clarifying the issue, letting people know things are fixed).
Index
676 index add-ons, glossary, guide, index found 689 pages: 677
signing and distributing your add-on add-ons, extensions, webextensions, distribution, publication, reviews,
signing add-ons need to be signed before they can be installed into release and beta versions of firefox.
... this
signing process takes place through addons.mozilla.org (amo), whether you choose to distribute your add-on through amo or to do it yourself.
Debugging on Mac OS X
bug 1522409 was filed to automate code
signing local builds to enable hardened runtime by default and eliminate this discrepancy.
...this requires creating a code
signing identity.
Mozilla DOM Hacking Guide
we can change the url of the current window by as
signing window.location.
...as of writing this document, the code in nswindowsh::newresolve() looks like this: (nsdomclassinfo.cpp) if (flags & jsresolve_as
signing) { // only define the property if we are setting it.
NSS 3.14.2 release notes
new types: in certt.h cert_pi_useonlytrustanchors in secoidt.h sec_oid_ms_ext_key_usage_ctl_
signing notable changes in nss 3.14.2 bug 805604 - support for aes-ni and avx accelerated aes-gcm was contributed by shay gueron of intel.
... bug 807890 - added support for microsoft trust list
signing eku.
NSS 3.18.1 release notes
notable changes in nss 3.18.1 the following ca certificate had the websites and code
signing trust bits restored to their original state to allow more time to develop a better transition strategy for affected sites.
... the websites and code
signing trust bits were turned off in nss 3.18.
NSS API Guidelines
same level as ssl lib/crmf cmmf.h, crmf.h, crmft.h, cmmft.h, crmffut.h cryptohi provides high-level cryptographic support operations: such as
signing, verifying signatures, key generation, key manipulation, hashing; and data types.
...it also provides functions that invoke operations in selected modules and slots, such as key selection and generation,
signing, encryption and decryption, etc.
Enc Dec MAC Output Public Key as CSR
generates encryption/mac keys and outputs public key as certificate
signing request /* this source code form is subject to the terms of the mozilla public * license, v.
... request */ signalgtag = sec_getsignaturealgorithmoidtag(keytype, hashalgtag); if (signalgtag == sec_oid_unknown) { pr_fprintf(pr_stderr, "unknown key or hash type\n"); rv = secfailure; goto cleanup; } rv = sec_dersigndata(arena, &result, encoding->data, encoding->len, privk, signalgtag); if (rv) { pr_fprintf(pr_stderr, "
signing of data failed\n"); rv = secfailure; goto cleanup; } /* encode request in specified format */ if (ascii) { char *obuf; char *name, *email, *org, *state, *country; secitem *it; int total; it = &result; obuf = btoa_convertitemtoascii(it); total = pl_strlen(obuf); name = cert_getcommonname(subject); ...
PKCS11 FAQ
by convention, all certificates making up a single personality should have the same label (that is, a pair of certificates, one for
signing and one for key exchange, should have the same label).
... if a pkcs #11 library reports that, for example, it does not support rsa
signing operations, does nss expect to be able to pull an rsa private key off the token using the c_getattributevalue call and then do the operation in software?
PKCS 7 functions
function name/documentation source code nss versions sec_pkcs7addcertificate mxr 3.3 and later sec_pkcs7addrecipient mxr 3.2 and later sec_pkcs7add
signingtime mxr 3.2 and later sec_pkcs7containscertsorcrls mxr 3.4 and later sec_pkcs7contentisencrypted mxr 3.4 and later sec_pkcs7contentissigned mxr 3.4 and later sec_pkcs7contenttype mxr 3.2 and later sec_pkcs7copycontentinfo mxr 3.4 and later ...
...r sec_pkcs7getcertificatelist mxr 3.2 and later sec_pkcs7getcontent mxr 3.2 and later sec_pkcs7getencryptionalgorithm mxr 3.2 and later sec_pkcs7getsignercommonname mxr 3.4 and later sec_pkcs7getsigneremailaddress mxr 3.4 and later sec_pkcs7get
signingtime mxr 3.4 and later sec_pkcs7includecertchain mxr 3.2 and later sec_pkcs7iscontentempty mxr 3.2 and later sec_pkcs7setcontent mxr 3.4 and later sec_pkcs7verifydetachedsignature mxr 3.4 and later sec_pkcs7verifysignature mxr 3.2 and later ...
FC_Sign
description fc_sign signs a message in a single operation according to the attributes of the previous call to fc_
signinit.
... return value examples see also fc_
signinit, nsc_sign ...
FC_SignEncryptUpdate
name fc_signencryptupdate - continue a multi-part
signing and encryption operation syntax ck_rv fc_signencryptupdate( ck_session_handle hsession, ck_byte_ptr ppart, ck_ulong ulpartlen, ck_byte_ptr pencryptedpart, ck_ulong_ptr pulencryptedpartlen ); parameters hsession [in] session handle.
...after calling both fc_
signinit and fc_encryptinit to set up the operations this function may be called multiple times.
FC_SignFinal
name fc_signfinal - finish a multi-part
signing operation.
... description fc_signfinal finishes a multi-part
signing operation by returning the complete signature and clearing the operation context.
FC_SignUpdate
name fc_signupdate - process the next block of a multi-part
signing operation.
... return value examples see also fc_
signinit, fc_signfinal, nsc_signupdate ...
gtstd.html
>certutil -r -d server_db -s "cn=myco.mcom.org,o=myco,st=california,c=us" -a -o server_db/server.req enter password or pin for "communicator certificate db": this step simulates the ca
signing and issuing a new server certificate based on the server's certificate request.
... >certutil -r -d client_db -s "cn=joe client,o=myco,st=california,c=us" -a -o client_db/client.req enter password or pin for "communicator certificate db": this step simulates the ca
signing and issuing a new client certificate based on the client's certificate request.
sslerr.html
sec_error_cert_addr_mismatch -8100 address in
signing certificate does not match address in message headers.
...use." sec_error_extra_input -8052 "der-encoded message contained extra unused data." sec_error_unsupported_elliptic_curve -8051 "unsupported elliptic curve." sec_error_unsupported_ec_point_form -8050 "unsupported elliptic curve point form." sec_error_unrecognized_oid -8049 "unrecognized object identifier." sec_error_ocsp_invalid_
signing_cert -8048 "invalid ocsp
signing certificate in ocsp response." sec_error_revoked_certificate_crl -8047 "certificate is revoked in issuer's certificate revocation list." sec_error_revoked_certificate_ocsp -8046 "issuer's ocsp responder reports certificate is revoked." sec_error_crl_invalid_version -8045 "issuer's certificate revocation list has ...
S/MIME functions
only mxr 3.2 and later nss_cmssigneddata_verifysignerinfo mxr 3.2 and later nss_cmssignerinfo_addmssmimeenckeyprefs mxr 3.6 and later nss_cmssignerinfo_addsmimecaps mxr 3.2 and later nss_cmssignerinfo_addsmimeenckeyprefs mxr 3.2 and later nss_cmssignerinfo_add
signingtime mxr 3.2 and later nss_cmssignerinfo_create mxr 3.2 and later nss_cmssignerinfo_createwithsubjkeyid mxr 3.6 and later nss_cmssignerinfo_destroy mxr 3.2 and later nss_cmssignerinfo_getcertlist mxr 3.2 and later nss_cmssignerinfo_getsignercommonname m...
...xr 3.2 and later nss_cmssignerinfo_getsigneremailaddress mxr 3.2 and later nss_cmssignerinfo_get
signingcertificate mxr 3.2 and later nss_cmssignerinfo_get
signingtime mxr 3.2 and later nss_cmssignerinfo_getverificationstatus mxr 3.2 and later nss_cmssignerinfo_getversion mxr 3.2 and later nss_cmssignerinfo_includecerts mxr 3.2 and later nss_cmsutil_verificationstatustostring mxr 3.2 and later nss_smimesignerinfo_savesmimeprofile mxr 3.4 and later nss_smimeutil_findbulkalgforrecipients mxr 3.2 and later ...
Bytecode Descriptions
format: jof_atom, jof_name, jof_propset, jof_checkstrict, jof_ic setgname operands: (uint32_t nameindex) stack: env, val ⇒ val like jsop::setname, but for as
signing to globals.
...format: jof_atom, jof_name, jof_propset, jof_gname, jof_checksloppy, jof_ic strictsetgname operands: (uint32_t nameindex) stack: env, val ⇒ val like jsop::strictsetgname, but for as
signing to globals.
Mozilla Projects
specifically, it focuses on the process of digitally
signing update manifests so the applications can verify the integrity of a manifest retrieved over normally insecure channels.
...these operations include setting up an ssl connection, object
signing and signature verification, certificate management (including issuance and revocation), and other common pki functions.
Debugger - Firefox Developer Tools
it is an accessor property with a getter and setter: as
signing to it enables or disables this debugger instance; reading it produces true if the instance is enabled, or false otherwise.
... as
signing anything other than a callable value or null to this property throws a typeerror exception.
CryptoKeyPair - Web APIs
for
signing and verification algorithms it is used to sign.
...for
signing and verification algorithms it is used to verify signatures.
DataTransfer.effectAllowed - Web APIs
as
signing a value to effectallowed in events other than dragstart has no effect.
... as
signing any other value to effectallowed has no effect and the old value is retained.
ElementCSSInlineStyle.style - Web APIs
setting styles styles should not be set by as
signing a string directly to the style property (as in elt.style = "color: blue;"), since it is considered read-only, as the style attribute returns a cssstyledeclaration object which is also read-only.
... instead, styles can be set by as
signing values to the properties of style.
Index - Web APIs
3220 rtcdtmfsender audio, dtmf, interface, media, pstn, rtcdtmfsender, reference, telephony, touch-tone, webrtc, webrtc api listen to these events using addeventlistener() or by as
signing an event listener to the oneventname property of this interface.
... 4582 basic concepts behind web audio api audio, beginner, guide, introduction, media, web audio, web audio api, concepts, sound this article explains some of the audio theory behind how the features of the web audio api work, to help you make informed decisions while de
signing how audio is routed through your app.
SubtleCrypto.exportKey() - Web APIs
*/ window.crypto.subtle.generatekey( { name: "aes-gcm", length: 256, }, true, ["encrypt", "decrypt"] ).then((key) => { const exportbutton = document.queryselector(".raw"); exportbutton.addeventlistener("click", () => { exportcryptokey(key); }); }); pkcs #8 export this example exports an rsa private
signing key as a pkcs #8 object.
...s that require long-term security moduluslength: 2048, publicexponent: new uint8array([1, 0, 1]), hash: "sha-256", }, true, ["encrypt", "decrypt"] ).then((keypair) => { const exportbutton = document.queryselector(".spki"); exportbutton.addeventlistener("click", () => { exportcryptokey(keypair.publickey); }); }); json web key import this code exports an ecdsa private
signing key as a json web key object.
SubtleCrypto.generateKey() - Web APIs
let keypair = window.crypto.subtle.generatekey( { name: "rsa-oaep", moduluslength: 4096, publicexponent: new uint8array([1, 0, 1]), hash: "sha-256" }, true, ["encrypt", "decrypt"] ); elliptic curve key pair generation this code generates an ecdsa
signing key pair.
... let keypair = window.crypto.subtle.generatekey( { name: "ecdsa", namedcurve: "p-384" }, true, ["sign", "verify"] ); hmac key generation this code generates an hmac
signing key.
SubtleCrypto.wrapKey() - Web APIs
*/ window.crypto.subtle.generatekey( { name: "aes-gcm", length: 256, }, true, ["encrypt", "decrypt"] ) .then((secretkey) => { return wrapcryptokey(secretkey); }) .then((wrappedkey) => { console.log(wrappedkey); }); pkcs #8 wrap this example wraps an rsa private
signing key.
...oaep", // consider using a 4096-bit key for systems that require long-term security moduluslength: 2048, publicexponent: new uint8array([1, 0, 1]), hash: "sha-256", }, true, ["encrypt", "decrypt"] ) .then((keypair) => { return wrapcryptokey(keypair.publickey); }) .then((wrappedkey) => { console.log(wrappedkey); }); json web key import this code wraps an ecdsa private
signing key.
Establishing a connection: The WebRTC perfect negotiation pattern - Web APIs
perfect negotiation works by as
signing each of the two peers a role to play in the negotiation process that's entirely separate from the webrtc connection state: a polite peer, which uses ice rollback to prevent collisions with incoming offers.
...it could be as simple as as
signing the polite role to the first peer to connect to the signaling server, or you could do something more elaborate like having the peers exchange random numbers and as
signing the polite role to the winner.
Accessibility and Spacial Patterns - Accessibility
the two images below are from nasa research, specifically, from the article, "de
signing with blue" "spatial localization.
... see also mdn accessibiltity: what users can do to browse more safely web accessibiltity for seizures and physical reactions web accessibility: understanding colors and luminance braille part 3: a step-by-step guide to typesetting ada braille correctly in adobe illustrator spatial math in brailleblaster (4 of 5) government literature nasa: de
signing with blue math spatial reasoning: why math talk is about more than numbers scientific literature colour constancy in context: roles for local adaptation and levels of reference gamma oscillations and photosensitive epilepsy characterizing the patterned images that precipitate seizures and optimizing guidelines to prevent them arnold wilkins, john emmett, and graham harding contrib...
Variable fonts guide - CSS: Cascading Style Sheets
optical size this is something new to digital fonts and css, but is actually a centuries-old technique in de
signing and creating metal type.
...the practice of de
signing different grades of a typeface was often done in reaction to intended use and printing technique.
Applying color to HTML elements using CSS - HTML: Hypertext Markup Language
using color wisely making the right choices when selecting colors when de
signing a website can be a tricky process, especially if you aren't well-grounded in art, design, or at least basic color theory.
... a few examples (all free to use as of the time this list was last revised): mdn's color picker tool paletton adobe color cc online color wheel when de
signing your palette, be sure to keep in mind that in addition to the colors these tools typically generate, you'll probably also need to add some core neutral colors such as white (or nearly white), black (or nearly black), and some number of shades of gray.
HTTP Public Key Pinning (HPKP) - HTTP
the following commands will help you extract the base64 encoded information from a key file, a certificate
signing request, or a certificate.
... openssl rsa -in my-rsa-key-file.key -outform der -pubout | openssl dgst -sha256 -binary | openssl enc -base64 openssl ec -in my-ecc-key-file.key -outform der -pubout | openssl dgst -sha256 -binary | openssl enc -base64 openssl req -in my-
signing-request.csr -pubkey -noout | openssl pkey -pubin -outform der | openssl dgst -sha256 -binary | openssl enc -base64 openssl x509 -in my-certificate.crt -pubkey -noout | openssl pkey -pubin -outform der | openssl dgst -sha256 -binary | openssl enc -base64 the following command will extract the base64 encoded information for a website.
Expressions and operators - JavaScript
as
signing the expression or logging it: const z = (x = y); // or equivalently: const z = x = y; console.log(z); // log the return value of the assignment x = y.
...this expression uses the + operator to add three and four together without as
signing the result, seven, to a variable.
Numbers and dates - JavaScript
the parse method is useful for as
signing values from date strings to existing date objects.
...the first statement creates a variable temp, as
signing it a value using a conditional expression; if hour is greater than 12, (hour - 12), otherwise simply hour, unless hour is 0, in which case it becomes 12.
Regular expressions - JavaScript
'd(b+)d' as shown in the second form of this example, you can use a regular expression created with an object initializer without as
signing it to a variable.
...for this reason, if you use this form without as
signing it to a variable, you cannot subsequently access the properties of that regular expression.
Working with objects - JavaScript
you can define a property by as
signing it a value.
...an example is: objectname.methodname = functionname; var myobj = { mymethod: function(params) { // ...do something } // or this works too myothermethod(params) { // ...do something else } }; where objectname is an existing object, methodname is the name you are as
signing to the method, and functionname is the name of the function.
Classes - JavaScript
a, b) { const dx = a.x - b.x; const dy = a.y - b.y; return math.hypot(dx, dy); } } const p1 = new point(5, 5); const p2 = new point(10, 10); p1.distance; //undefined p2.distance; //undefined console.log(point.distance(p1, p2)); // 7.0710678118654755 binding this with prototype and static methods when a static or prototype method is called without a value for this, such as by as
signing a variable to the method and then calling it, the this value will be undefined inside the method.
... private fields cannot be created later through as
signing to them, the way that normal properties can.
The arguments object - JavaScript
that is, as
signing new values to variables in the body of the function will not affect the arguments object.
... nor will as
signing new variables to the arguments object affect the value of variables.
Object.create() - JavaScript
adding the missing object-method directly from the standard-object does not work: ocn = object.create( null ); // create "null" object (same as before) ocn.tostring = object.tostring; // since new object lacks method then try as
signing it directly from standard-object > ocn.tostring // shows "tostring() { [native code] }" -- missing method seems to be there now > ocn.tostring == object.tostring // shows "true" -- method seems to be same as the standard object-method > ocn.tostring() // error: function.prototype.tostring requires that 'this' be a function adding the missing object-method directly to new object's "prototyp...
...really the cause of all these problems) and one cannot be directly added: ocn = object.create( null ); // create "null" object (same as before) ocn.prototype.tostring = object.tostring; // error: cannot set property 'tostring' of undefined ocn.prototype = {}; // try to create a prototype ocn.prototype.tostring = object.tostring; // since new object lacks method then try as
signing it from standard-object > ocn.tostring() // error: ocn.tostring is not a function adding the missing object-method by using the standard-object as new object's prototype does not work either: ocn = object.create( null ); // create "null" object (same as before) object.setprototypeof(ocn, object); // set new object's prototype to the standard-object > ocn.tostring() // error: func...
l10n - Archive of obsolete content
note that you can't currently use localize strings appearing in content scripts or html files, but you can share the localized strings you want by as
signing it's values to a json serializable object.
Localization - Archive of obsolete content
alt label title placeholder further the localization of the aria attributes aria-label, aria-valuetext and aria-moz-hint are supported with the same aliases as on firefox os: arialabel ariavaluetext ariamozhint using localized strings in javascript to reference localized strings from your main add-on code, you do this: var _ = require("sdk/l10n").get; console.log(_("hello_id")); as
signing to "_" in particular is not required, but is a convention from the gettext tools and will make it possible to work with existing tools that expect "_" to indicate localizable strings.
Code snippets - Archive of obsolete content
p and handle drag and drop events dialogs code used to display and process dialog boxes alerts and notifications modal and non-modal ways to notify users preferences code used to read, write, and modify preferences js xpcom code used to define and call xpcom components in javascript running applications code used to run other applications <canvas> related what wg canvas-related code
signing a xpi how to sign an xpi with pki delayed execution performing background operations.
List of Mozilla-Based Applications - Archive of obsolete content
lrunner qutecom phone software previously named openwengo redcar text editor seems to use xulrunner red hat directory server server product uses nss red hat certificate system server product uses nss regex renamer tool to rename files sameplace im client scenari platform application suite for de
signing publishing chains script it android development platform uses mozilla rhino, develop directly on your android device seamonkey suite a volunteer community legally backed by mozilla foundation with 2.5 million downloads secure browser browser that uses virtualization created by dell sept cms for lemonde.fr web site more information h...
Mozilla Application Framework in Detail - Archive of obsolete content
at provides platform-independence (across over a dozen platforms) for non-gui operating system facilities with support for threads, thread synchronization, normal file and network i/o, interval timing and calendar time, basic memory management (malloc and free) and shared library linking; psm, a set of libraries that perform cryptographic operations including setting up an ssl connection, object
signing and signature verification, certificate management (including issuance and revocation), other common pki functions, and s/mime support; an sql support that provides the ability to set up data sources, query a database, and retrieve results as javascript objects or rdf data sources; and an api for directory services via the lightweight directory access protocol (ldap).
Priority Content - Archive of obsolete content
migrators: nigel mcfarlane and ben karel shorter works mostly completed: bypassing security restrictions and
signing code original: bypassing security restrictions and
signing code wiki location: bypassing security restrictions and
signing code migrators: joel stanley i added the related links from the original article.
Keyboard Shortcuts - Archive of obsolete content
as
signing a keyboard shortcut on a menu the second way is: if you are as
signing a keyboard shortcut that performs a command that also exists on a menu, you can associate the key element directly with the menu command.
Deploying XULRunner - Archive of obsolete content
xulrunner 39 and later due to mac os x code
signing rules and how they interact with the design of xulrunner (see bug 1105044 for the inside scoop), starting with xulrunner 39 the xulrunner library files are no longer able to reside in a xulrunner framework directory.
2006-10-20 - Archive of obsolete content
help required de
signing new home for quality.mozilla.org - talented web designers and/or artists interested in helping the design for quality.mozilla.org please read this posting.
TCP/IP Security - Archive of obsolete content
de
signing a cryptographically sound application protocol is very difficult, and implementing it properly is even more challenging, so creating new application layer security controls is likely to create vulnerabilities.
Web Standards - Archive of obsolete content
de
signing and building with these standards simplifies and lowers the cost of production, while delivering sites that are accessible to more people and more types of internet devices.
Building up a basic demo with Babylon.js - Game development
now let's add a material: var torusmaterial = new babylon.standardmaterial("material", scene); torusmaterial.emissivecolor = new babylon.color3(0.4, 0.4, 0.4); torus.material = torusmaterial; it looks similar to the box element — we're creating the standard material, giving it a grayish color and as
signing it to the torus.
Mobile touch controls - Game development
pure javascript approach we could implement touch events on our own — setting up event listeners and as
signing relevant functions to them would be quite straightforward: var el = document.getelementsbytagname("canvas")[0]; el.addeventlistener("touchstart", handlestart); el.addeventlistener("touchmove", handlemove); el.addeventlistener("touchend", handleend); el.addeventlistener("touchcancel", handlecancel); this way, touching the game's <canvas> on the mobile screen would emit events, and thus we could...
Unconventional controls - Game development
math.round(hand.roll() * todegrees); verticaldegree = math.round(hand.pitch() * todegrees); grabstrength = hand.grabstrength; output.innerhtml = 'leap motion: <br />' + ' roll: ' + horizontaldegree + '° <br />' + ' pitch: ' + verticaldegree + '° <br />' + ' strength: ' + grabstrength + ''; } }); the code above is calculating and as
signing the horizontaldegree, verticaldegree and grabstrength values that we will use later on, and outputting it in html so we can see the actual values.
Build the brick field - Game development
the final version of the drawbricks() function, after as
signing the brickx and bricky values as the coordinates instead of (0,0) each time, will look like this — add this into your code below the drawpaddle() function: function drawbricks() { for(var c=0; c<brickcolumncount; c++) { for(var r=0; r<brickrowcount; r++) { var brickx = (c*(brickwidth+brickpadding))+brickoffsetleft; var bricky = (r*(brickheight+brickpadding))...
IIFE - MDN Web Docs Glossary: Definitions of Web-related terms
(function () { var aname = "barry"; })(); // variable aname is not accessible from the outside scope aname // throws "uncaught referenceerror: aname is not defined" as
signing the iife to a variable stores the function's return value, not the function definition itself.
Cascade and inheritance - Learn web development
understanding the cascade we now understand why a paragraph nested deep in the structure of your html is the same color as the css applied to the body, and from the introductory lessons we have an understanding of how to change the css applied to something at any point in the document — whether by as
signing css to an element or creating a class.
Test your skills: tables - Learn web development
in this task we are going to style the same table, but using some good practices for table design as outlined in the external article web typography: de
signing tables to be read not looked at.
CSS FAQ - Learn web development
however, as
signing multiple classes to a single element can provide the same effect, and css variables now provide a way to define style information in one place that can be reused in multiple places.
What HTML features promote accessibility? - Learn web development
<a href="inept.html" title="why i'm rubbish at writing link text: an explanation and an apology.">click here</a> to find out more.</p> access keys access keys provide easier navigation by as
signing a keyboard shortcut to a link, which will usually gain focus when the user presses alt or ctrl + the access key.
What are hyperlinks? - Learn web development
we'll talk about de
signing website navigation in another article, but as a rule, whenever you add a new webpage, make sure at least one of your other pages links to that new page.
Web forms — Working with user data - Learn web development
introductory guides your first form the first article in our series provides your very first experience of creating a web form, including de
signing a simple form, implementing it using the right html elements, adding some very simple styling via css, and how data is sent to a server.
JavaScript basics - Learn web development
after declaring a variable, you can give it a value: myvariable = 'bob'; also, you can do both these operations on the same line: let myvariable = 'bob'; you retrieve the value by calling the variable name: myvariable; after as
signing a value to a variable, you can change it later in the code: let myvariable = 'bob'; myvariable = 'steve'; note that variables may hold values that have different data types: variable explanation example string this is a sequence of text known as a string.
Gecko Profiler FAQ
neither the process of accumulation, nor the process of as
signing things to buckets, is easily doable with the current ui.
Leak-hunting strategies and tips
double-addref: this happens most often when as
signing the result of a function that returns an addrefed pointer (bad!) into an nscomptr without using dont_addref().
Memory reporting
in this case it's often clearer to increment the numbers rather than as
signing to them, especially if you're measuring multiple entities and summing their measurements.
Phishing: a short definition
another solution is to strengthen logins with pictures, or colored words, often chosen when
signing up for a service.
4.3.1 Release Notes
we provide the jss4.jar in case you do not want to obtain your own jce code
signing certificate.
4.3 Release Notes
we provide the jss4.jar in case you do not want to obtain your own jce code
signing certificate.
Build instructions for JSS 4.3.x
if you're intention is to modify and build the jss source you need to apply for your own jce code-
signing certificate if you made no changes and your goal is to build jss you can use the signed binary release of the jss4.jar from ftp.mozilla.org.
JSS Provider Notes
apply for your own jce code-
signing certificate following the procedure at how to implement a provider for the javatm cryptography extension.
Mozilla-JSS JCA Provider notes
apply for your own jce code-
signing certificate following the procedure at how to implement a provider for the javatm cryptography extension.
NSS_3.12.1_release_notes.html
ion bug 442618: eliminate dead function cert_certpackagetype bug 443755: extra semicolon in pkm_tlskeyandmacderive makes conditional code unconditional bug 443760: extra semicolon in seqdatabase makes static analysis tool suspicious bug 448323: certutil -k doesn't report the token and slot names for found keys bug 448324: ocsp checker returns incorrect error code on request with invalid
signing cert bug 449146: remove dead libsec function declarations bug 453227: installation of pem-encoded certificate without trailing newline fails documentation for a list of the primary nss documentation pages on mozilla.org, see nss documentation.
NSS_3.12_release_notes.html
der file bug 213359: enhance pk12util to extract certs from p12 file bug 329067: nss encodes cert distinguished name attributes with wrong string type bug 339906: sec_pkcs12_install_bags passes uninitialized variables to functions bug 396484: certutil doesn't truncate existing temporary files when writing them bug 251594: certificate from pkcs#12 file with colon in friendlyname not selectable for
signing/encryption bug 321584: nss pkcs12 decoder fails to import bags without nicknames bug 332633: remove duplicate header files in nss/cmd/sslsample bug 335019: pk12util takes friendly name from key, not cert bug 339173: mem leak whenever secmod_handle_string_arg called in loop bug 353904: klocwork null ptr deref in secasn1d.c bug 366390: correct misleading function names in fipstest bug 370536: memo...
NSS 3.14.3 release notes
new functions in pk11pub.h pk11_signwithsymkey - similar to pk11_sign, performs a
signing operation in a single operation.
NSS 3.17.3 release notes
:44:c9:fe:b3:f3:3e:fa:9a cn = america online root certification authority 1 sha-1 fingerprint: 39:21:c1:15:c1:5d:0e:ca:5c:cb:5b:c4:f0:7d:21:d8:05:0b:56:6a cn = america online root certification authority 2 sha-1 fingerprint: 85:b5:ff:67:9b:0c:79:96:1f:c8:6e:44:22:00:46:13:db:17:92:84 the following ca certificates had the websites and code
signing trust bits turned off ou = class 3 public primary certification authority - g2 sha1 fingerprint: 85:37:1c:a6:e5:50:14:3d:ce:28:03:47:1b:de:3a:09:e8:f8:77:0f cn = equifax secure ebusiness ca-1 sha1 fingerprint: da:40:18:8b:91:89:a3:ed:ee:ae:da:97:fe:2f:9d:f5:b7:d1:8a:41 the following ca certificates were added cn = comodo rsa certificat...
NSS 3.18 release notes
the following ca certificates had the websites and code
signing trust bits turned off ou = equifax secure certificate authority sha1 fingerprint: d2:32:09:ad:23:d3:14:23:21:74:e4:0d:7f:9d:62:13:97:86:63:3a cn = equifax secure global ebusiness ca-1 sha1 fingerprint: 7e:78:4a:10:1c:82:65:cc:2d:e1:f1:6d:47:b4:40:ca:d9:0a:19:45 cn = tc trustcenter class 3 ca ii sha1 fingerprint: 80:25:ef:f4:6e:70:c8:d...
NSS 3.24 release notes
(applications should instead use the new ssl_configservercert function.) ssl_setstapledocspresponses ssl_setsignedcerttimestamps ssl_configsecureserver ssl_configsecureserverwithcertchain deprecate the nss_findcertkeatype function, as it reports a misleading value for certificates that might be used for
signing rather than key exchange.
NSS 3.28 release notes
nss will now check if rsa-pss
signing is supported by the token that holds the private key prior to using it for tls (bug 1311950).
Python binding for NSS
onnection_info_format_lines sslsocket.connection_info_format sslsocket.connection_info_str sslciphersuiteinfo.format_lines sslciphersuiteinfo.format sslchannelinfo.format_lines sslchannelinfo.format the following class properties were added: certificate.ssl_trust_flags certificate.email_trust_flags certificate.
signing_trust_flags sslciphersuiteinfo.cipher_suite sslciphersuiteinfo.cipher_suite_name sslciphersuiteinfo.auth_algorithm sslciphersuiteinfo.auth_algorithm_name sslciphersuiteinfo.kea_type sslciphersuiteinfo.kea_type_name sslciphersuiteinfo.symmetric_cipher sslciphersuiteinfo.symmetric_cipher_name sslciphersuiteinfo.symmetric_key_bits ...
FC_SignRecover
pdata [in] mechanism to be used for the
signing operation.
FC_VerifyRecover
psignature [in] mechanism to be used for the
signing operation.
FIPS mode of operation
fc_
signinit fc_sign fc_signupdate fc_signfinal fc_signrecoverinit fc_signrecover signature and mac verification functions these functions support dsa, rsa, ecdsa, and hmac.
Personal Security Manager (PSM)
these operations include setting up an ssl connection, object
signing and signature verification, certificate management (including issuance and revocation), and other common pki functions.
Tutorial: Embedding Rhino
ethod scriptableobject.defineclass uses a java class to define the counter "class" in the top-level scope: scriptableobject.defineclass(scope, counter.class); now we can reference the counter object from our script: $ java runscript4 "c = new counter(3); c.count; c.count;" it also creates a new instance of the counter object from within our java code, constructing it with the value 7, and as
signing it to the top-level variable mycounter: object[] arg = { new integer(7) }; scriptable mycounter = cx.newobject(scope, "counter", arg); scope.put("mycounter", scope, mycounter); now we can reference the mycounter object from our script: $ java runscript3 'runscript4 'mycounter.count; mycounter.count' 8 ...
Index
365 js_isas
signing jsapi reference, obsolete, reference, référence(2), spidermonkey js_isas
signing returns true if a script is executing and its current bytecode is a set (assignment) operation, even if there are native (no script) stack frames between the script and the caller to js_isas
signing.
Property cache
without this guarantee, every access to a property via a prototype chain would have to recheck each link in the prototype chain, even though as
signing to __proto__ is very rare.) adding guarantee — if at time t0 the object x has shape s, and rt->protohazardshape is z, and x does not inherit a jsprop_shared or jsprop_readonly property with name n from any prototype, and at time t1 an object y has shape s and rt->protohazardshape is z, and no shape-regenerating gc occurred, then y does not inherit a jsprop_shared or jsprop_readonly prope...
JSAPI User Guide
in de
signing this kind of application, it's important to think through the security concerns ahead of time.
JSExtendedClass.wrappedObject
(the result may be "object", "function", or "xml".) when as
signing to __proto__ or __parent__ from script, the javascript engine checks to see if the assignment would produce a cycle.
JSNewResolveOp
jsresolve_as
signing obsolete since jsapi 31 the property appears on the left-hand side of an assignment.
JSPropertyOp
this ecmascript incompatibility is observable when as
signing to the length property of an array, for example.
JS_LookupProperty
jsresolve_as
signing behave as though the property name appeared on the left-hand side of an assignment.
Property attributes
as
signing to obj.x, where obj inherits a non-shared property from its prototype, creates a new own data property on obj; the prototype's .x is not shared with its children.
JSAPI reference
null added in spidermonkey 31 js_getglobalforscopechain obsolete since jsapi 25 js_getglobalobject obsolete since jsapi 24 js_setglobalobject obsolete since jsapi 25 js_initclass js_initstandardclasses js_resolvestandardclass js_enumeratestandardclasses js_enumerateresolvedstandardclasses obsolete since jsapi 24 js_isrunning js_saveframechain js_restoreframechain js_isas
signing obsolete since javascript 1.8.5 js_isconstructing obsolete since jsapi 26 js_isconstructing_possiblywithgiventhisobject obsolete since jsapi 17 js_getscopechain obsolete since javascript 1.8.7 compartments: class jsautocompartment added in spidermonkey 24 js_newglobalobject added in spidermonkey 17 js_entercompartment added in spidermonkey 24 js_leavecompartment added in spidermonke...
SpiderMonkey 1.8.5
droot – use js_add*root js_addnamedrootrt – use js_add*root js_addroot – use js_add*root js_clearnewbornroots – no longer needed js_clearoperationcallback js_clearregexproots js_decompilescript js_destroyscript js_enterlocalrootscope js_executescriptpart js_forgetlocalroot js_getfunctionname js_getoperationlimit js_getscriptobject js_getstringbytes js_getstringchars js_isas
signing js_leavelocalrootscope js_leavelocalrootscopewithresult js_newdouble js_newdoublevalue js_newscriptobject js_newstring js_poparguments js_pusharguments js_pushargumentsva js_removeroot js_removerootrt js_sealobject js_setbranchcallback js_setcallreturnvalue2 js_setcheckobjectaccesscallback js_setobjectprincipalsfinder js_setoperationlimit js_setprincipalstranscoder api changes...
SpiderMonkey 1.8
a handful of changes are not backwards-compatible: the result of as
signing to a property with a setter has changed (bug 312354).
XPCOM array guide
when de
signing public interfaces, enumerators are the preferred mechanism for accessing these structures because they hide the details of the implementation behind the interface.
An Overview of XPCOM
maintenance even when you are not updating a component, de
signing your application in a modular way can make it easier for you to find and maintain the parts of the application that you are interested in.
Starting WebLock
this makes changes to the interface when de
signing a bit simpler, as you do not have to modify any class declarations.
Using XPCOM Components
« previousnext » one of the best ways to begin working with xpcom - especially when you are de
signing the interface to a component that will be used by others, as we do in starting weblock - is to look at how clients are already using xpcom components.
Components.utils.Sandbox
importing functions or objects into the sandbox you can import functions or objects into the sandbox simply by as
signing them to the sandbox object.
mozIRegistry
these are placeholders for the types of components you're de
signing and implementing.
XPCOM primitive
(however, if you are de
signing that kind of api today, you should probably use nsivariant instead.) idl data type interface component idl nsidptr nsisupportsid @mozilla.org/supports-id;1 [scriptable, uuid(d18290a0-4a1c-11d3-9890-006008962422)] interface nsisupportsid : nsisupportsprimitive { attribute nsidptr data; string tostring(); }; astring nsisupportsstring @mozilla.org/supports-string;1 [scriptable, uuid(...
nsCOMPtr versus RefPtr
do_queryinterface versus do_queryobject the do_queryinterface helper is only available when as
signing to nscomptr.
Working with data
creating uninitialized cdata objects there are three forms of the syntax for creating cdata objects without immediately as
signing them a value: var mycdataobj = new type; var mycdataobj = new type(); var mycdataobj = type(); these all do the same thing: they return a new cdata object of the specified type, whose data buffer has been populated entirely with zeroes.
Mozilla
signing mozilla apps for mac os x mac os x's gatekeeper functionality prevents users from launching applications that haven't been code-signed, in order to help keep their computers secure.
Accessibility Inspector - Firefox Developer Tools
color contrast contrast ratio information is particularly useful when you are de
signing the color palette for your website because if the contrast is not sufficient, readers with visual impairments such as low vision or color blindness will be unable to read the text.
Debugger.Source - Firefox Developer Tools
thus, setting a dom element’s event handler idl attribute by as
signing to the corresponding javascript property creates a source whose introductionscript and introductionoffset refer to the property assignment.
Index - Firefox Developer Tools
101 responsive design mode design, dev tools, firefox, guide, responsive design, tools, web development, l10n:priority responsive design is the practice of de
signing a website so it looks and works properly on a range of different devices — particularly mobile phones and tablets as well as desktops and laptops.
Responsive Design Mode - Firefox Developer Tools
responsive design is the practice of de
signing a website so it looks and works properly on a range of different devices — particularly mobile phones and tablets as well as desktops and laptops.
about:debugging (before Firefox 68) - Firefox Developer Tools
the big advantages of this method, compared with installing an add-on from an xpi, are: you don't have to rebuild an xpi and reinstall when you change the add-on's code you can load an add-on without
signing it and without needing to disable
signing.
about:debugging - Firefox Developer Tools
the major advantages of this method, compared with installing an add-on from an xpi, are: you don't have to rebuild an xpi and reinstall when you change the add-on's code; you can load an add-on without
signing it and without needing to disable
signing.
AbortSignal - Web APIs
events listen to this event using addeventlistener() or by as
signing an event listener to the oneventname property of this interface.
Animation - Web APIs
de
signing safer web animation for motion sensitivity · an a list apart article an introduction to the reduced motion media query | css-tricks responsive design for motion | webkit mdn understanding wcag, guideline 2.2 explanations understanding success criterion 2.2.2 | w3c understanding wcag 2.0 specifications specification status comment web animationsthe definition of ...
AudioScheduledSourceNode - Web APIs
events listen to these events using addeventlistener() or by as
signing an event listener to the oneventname property of this interface: ended fired when the source node has stopped playing, either because it's reached a predetermined stop time, the full duration of the audio has been performed, or because the entire buffer has been played.
Crypto - Web APIs
crypto.subtle read only secure context returns a subtlecrypto object providing access to common cryptographic primitives, like hashing,
signing, encryption, or decryption.
Document.getElementById() - Web APIs
when creating an element and as
signing it an id, you have to insert the element into the document tree with node.insertbefore() or a similar method before you can access it with getelementbyid(): var element = document.createelement('div'); element.id = 'testqq'; var el = document.getelementbyid('testqq'); // el will be null!
Document - Web APIs
events listen to these events using addeventlistener() or by as
signing an event listener to the oneventname property of this interface.
Element - Web APIs
events listen to these events using addeventlistener() or by as
signing an event listener to the oneventname property of this interface.
FileReader - Web APIs
events listen to these events using addeventlistener() or by as
signing an event listener to the oneventname property of this interface.
HTMLAudioElement - Web APIs
listen to events using addeventlistener() or by as
signing an event listener to the oneventname property of this interface.
HTMLDetailsElement - Web APIs
events listen to this event using addeventlistener() or by as
signing an event listener to the oneventname property of this interface.
HTMLElement - Web APIs
events listen to these events using addeventlistener() or by as
signing an event listener to the oneventname property of this interface.
HTMLFormElement - Web APIs
events listen to these events using addeventlistener(), or by as
signing an event listener to the oneventname property of this interface.
HTMLImageElement.srcset - Web APIs
the srcset property, along with the sizes property, are a crucial component in de
signing responsive web sites, as they can be used together to make pages that use appropriate images for the rendering situation.
HTMLInputElement - Web APIs
events listen to these events using addeventlistener() or by as
signing an event listener to the oneventname property of this interface: input fires when the value of an <input>, <select>, or <textarea> element has been changed.
HTMLMediaElement - Web APIs
listen to these events using addeventlistener() or by as
signing an event listener to the oneventname property of this interface.
HTMLSelectElement - Web APIs
events listen to these events using addeventlistener() or by as
signing an event listener to the oneventname property of this interface: input event fires when the value of an <input>, <select>, or <textarea> element has been changed.
HTMLTextAreaElement - Web APIs
events listen to these events using addeventlistener() or by as
signing an event listener to the oneventname property of this interface: input event fires when the value of an <input>, <select>, or <textarea> element has been changed.
HTMLVideoElement - Web APIs
listen to these events using addeventlistener() or by as
signing an event listener to the oneventname property of this interface.
IDBDatabase: abort event - Web APIs
ar', { unique: false }); }; dbopenrequest.onsuccess = (event) => { const db = dbopenrequest.result; db.addeventlistener('abort', () => { console.log('transaction aborted'); }); // open a read/write db transaction, ready for adding the data const transaction = db.transaction(['todolist'], 'readwrite'); // abort the transaction transaction.abort(); }; the same example, but as
signing the event handler to the onabort property: // open the database const dbopenrequest = window.indexeddb.open('todolist', 4); dbopenrequest.onupgradeneeded = (event) => { const db = event.target.result; // create an objectstore for this database const objectstore = db.createobjectstore('todolist', { keypath: 'tasktitle' }); // define what data items the objectstore will contain objec...
IDBDatabase - Web APIs
events listen to these events using addeventlistener() or by as
signing an event listener to the oneventname property of this interface.
IDBOpenDBRequest - Web APIs
events listen to these events using addeventlistener() or by as
signing an event listener to the oneventname property of this interface.
IDBRequest - Web APIs
events listen to these events using addeventlistener() or by as
signing an event listener to the oneventname property of this interface.
IDBTransaction: abort event - Web APIs
onsuccess = event => { const db = dbopenrequest.result; // open a read/write db transaction, ready for adding the data const transaction = db.transaction(['todolist'], 'readwrite'); // add a listener for `abort` transaction.addeventlistener('abort', () => { console.log('transaction was aborted'); }); // abort the transaction transaction.abort(); }; the same example, but as
signing the event handler to the onabort property: // open the database const dbopenrequest = window.indexeddb.open('todolist', 4); dbopenrequest.onupgradeneeded = event => { const db = event.target.result; db.onerror = () => { console.log('error creating database'); }; // create an objectstore for this database var objectstore = db.createobjectstore('todolist', { keypath: 'tasktitle' ...
IDBTransaction - Web APIs
events listen to these events using addeventlistener() or by as
signing an event listener to the oneventname property of this interface.
MediaRecorder - Web APIs
events listen to these events using addeventlistener() or by as
signing an event listener to the oneventname property of this interface.
MediaStreamTrack - Web APIs
events listen to these events using addeventlistener() or by as
signing an event listener to the oneventname property of this interface: ended sent when playback of the track ends (when the value readystate changes to ended).
Using the Media Capabilities API - Web APIs
handling the response instead of the as
signing the promise to a variable, we can output the values returned by the promise to the console: navigator.mediacapabilities.decodinginfo(videoconfiguration).then(result => { console.log('this configuration is ' + (result.supported ?
OfflineAudioContext - Web APIs
events listen to these events using addeventlistener() or by as
signing an event listener to the oneventname property of this interface: complete fired when the rendering of an offline audio context is complete.
PannerNode.orientationX - Web APIs
the audioparam contained by this property is read only; however, you can still change the value of the parameter by as
signing a new value to its audioparam.value property.
PannerNode.orientationY - Web APIs
the audioparam contained by this property is read only; however, you can still change the value of the parameter by as
signing a new value to its audioparam.value property.
PannerNode.orientationZ - Web APIs
the audioparam contained by this property is read only; however, you can still change the value of the parameter by as
signing a new value to its audioparam.value property.
PannerNode.positionX - Web APIs
the audioparam contained by this property is read only; however, you can still change the value of the parameter by as
signing a new value to its audioparam.value property.
PannerNode.positionY - Web APIs
the audioparam contained by this property is read only; however, you can still change the value of the parameter by as
signing a new value to its audioparam.value property.
PannerNode.positionZ - Web APIs
the audioparam contained by this property is read only; however, you can still change the value of the parameter by as
signing a new value to its audioparam.value property.
PaymentResponse - Web APIs
events listen to this event using addeventlistener() or by as
signing an event listener to the oneventname property of this interface.
Performance - Web APIs
events listen to these events using addeventlistener() or by as
signing an event listener to the oneventname property of this interface.
PushSubscription.options - Web APIs
this value is part of a
signing key pair generated by your application server, and usable with elliptic curve digital signature (ecdsa), over the p-256 curve.
RTCDTMFSender - Web APIs
events listen to these events using addeventlistener() or by as
signing an event listener to the oneventname property of this interface.
RTCIceTransport - Web APIs
events listen to these events using addeventlistener() or by as
signing an event listener to the oneventname property of this interface.
RTCPeerConnection: negotiationneeded event - Web APIs
you can also set an event handler for the negotiationneeded event by as
signing the event handler function to the rtcpeerconnection.onnegotiationneeded property: pc.onnegotiationneeded = ev => { pc.createoffer() .then(offer => return pc.setlocaldescription(offer)) .then(() => sendsignalingmessage({ type: "video-offer", sdp: pc.localdescription })) .catch(err => { /* handle error */ ); }; for a more detailed example, see starting negotiation in sig...
RTCPeerConnection - Web APIs
events listen to these events using addeventlistener() or by as
signing an event listener to the oneventname property of this interface.
SVGElement - Web APIs
methods this interface has no methods, but inherits methods from: documentandelementeventhandlers, element, elementcssinlinestyle, globaleventhandlers, htmlorforeignelement, svgelementinstance events listen to these events using addeventlistener() or by as
signing an event listener to the equivalent on...
ScriptProcessorNode - Web APIs
events listen to these events using addeventlistener() or by as
signing an event listener to the oneventname property of this interface: audioprocess fired when an input buffer of a scriptprocessornode is ready to be processed.
SpeechRecognition - Web APIs
events listen to these events using addeventlistener() or by as
signing an event listener to the oneventname property of this interface.
SpeechSynthesis - Web APIs
events listen to this event using addeventlistener() or by as
signing an event listener to the oneventname property of this interface.
SubtleCrypto - Web APIs
to perform operations like
signing and encrypting, you pass a cryptokey object into the sign() or encrypt() function.
VisualViewport - Web APIs
events listen to these events using addeventlistener() or by as
signing an event listener to the relevant oneventname property of this interface.
WebGLRenderingContext.vertexAttribPointer() - Web APIs
however, if you are de
signing the format yourself, or your geometry is in text files (like wavefront .obj files) and must be converted into an arraybuffer at runtime, you have free choice on how to structure the memory.
WebGLRenderingContext - Web APIs
this is done by as
signing the width and height properties of the canvas to the values of the clientwidth and clientheight properties, respectively.
Canvas size and WebGL - Web APIs
this is done by as
signing the width and height properties of the canvas to the values of the clientwidth and clientheight properties, respectively.
Getting started with WebGL - Web APIs
your browser or machine may not support it."); return; } // set clear color to black, fully opaque gl.clearcolor(0.0, 0.0, 0.0, 1.0); // clear the color buffer with specified clear color gl.clear(gl.color_buffer_bit); } window.onload = main; the first thing we do here is obtain a reference to the canvas, as
signing it to a variable named canvas.
Using textures in WebGL - Web APIs
the fragment shader the fragment shader likewise needs to be updated: const fssource = ` varying highp vec2 vtexturecoord; uniform sampler2d usampler; void main(void) { gl_fragcolor = texture2d(usampler, vtexturecoord); } `; instead of as
signing a color value to the fragment's color, the fragment's color is computed by fetching the texel (that is, the pixel within the texture) based on the value of vtexturecoord which like the colors is interpolated bewteen vertices.
Lifetime of a WebRTC session - Web APIs
it’s so big that years ago, smart people saw how big it was, how fast it was growing, and the limitations of the 32-bit ip addressing system, and realized that something had to be done before we ran out of addresses to use, so they started working on de
signing a new 64-bit addressing system.
WebSocket - Web APIs
events listen to these events using addeventlistener() or by as
signing an event listener to the oneventname property of this interface.
Inputs and input sources - Web APIs
additionally, the gamepad object maps those inputs to the gamepad, as
signing the trigger, squeeze, and touchpad tap to the input source's button list and the touchpad's "axes" to the axis list.
Basic concepts behind Web Audio API - Web APIs
this article explains some of the audio theory behind how the features of the web audio api work, to help you make informed decisions while de
signing how audio is routed through your app.
Web Audio API - Web APIs
essing using audioworkletthe process of creating an audio processor using javascript, establishing it as an audio worklet processor, and then using that processor within a web audio application is the topic of this article.basic concepts behind web audio apithis article explains some of the audio theory behind how the features of the web audio api work, to help you make informed decisions while de
signing how audio is routed through your app.controlling multiple parameters with constantsourcenodethis article demonstrates how to use a constantsourcenode to link multiple parameters together so they share the same value, which can be changed by simply setting the value of the constantsourcenode.offset parameter.example and tutorial: simple synth keyboardthis article presents the code and working dem...
Web Authentication API - Web APIs
assuming both of those steps are successful, the authenticator will create a new assertion by
signing over the clientdatahash and authenticatordata with the private key generated for this account during the registration call.
Window: beforeunload event - Web APIs
however note that not all browsers support this method, and some instead require the event handler to implement one of two legacy methods: as
signing a string to the event's returnvalue property returning a string from the event handler.
Window - Web APIs
events listen to these events using addeventlistener() or by as
signing an event listener to the oneventname property of this interface.
HTML in XMLHttpRequest - Web APIs
usage retrieving an html resource as a dom using xmlhttprequest works just like retrieving an xml resource as a dom using xmlhttprequest, except you can't use the synchronous mode and you have to explicitly request a document by as
signing the string "document" to the responsetype property of the xmlhttprequest object after calling open() but before calling send().
XRSession: visibilitychange event - Web APIs
you can also create the event handler by as
signing it to the xrsession's onvisibilitychange event handler property, like this: xrsession.onvisibilitychange = (e) => { /* event handled here */ }; specifications specification status comment webxr device apithe definition of 'visibilitychange event' in that specification.
ARIA: switch role - Accessibility
the switch role does not support the value mixed for the aria-checked attribute; as
signing a value of mixed to a switch instead sets the value to false.
Accessibility documentation index - Accessibility
the two images below are from nasa research, specifically, from the article, "de
signing with blue" 84 accessibility documentation index accessibility, index this document provides a list of links to all accessibility articles on the mozilla developer network.
Web Accessibility: Understanding Colors and Luminance - Accessibility
an interesting study by nasa on the color blue, for example, noted that this color, which has low luminance, can be made legible if "care was taken to acheive adequate luminance contrast" (from the article, de
signing with blue) wcag 2.1 defines relative luminance as follows (as of july 2019): for the srgb colorspace, the relative luminance of a color is defined as l = 0.2126 * r + 0.7152 * g+ 0.0722 * b where r, g and b are defined as: if rsrgb <= 0.03928 then r = rsrgb/12.92 else r = ((rsrgb+0.055)/1.055) ^ 2.4 if gsrgb <= 0.03928 then g = gsrgb/12.92 else g = ((gsrgb+0.055)/1.055) ^ 2.4 if bsrgb ...
Color contrast - Accessibility
when de
signing readable interfaces for different vision capabilities, the wcag guidelines recommend the following contrast ratios: type of content minimum ratio (aa rating) enhanced ratio (aaa rating) body text 4.5 : 1 7 : 1 large-scale text (120-150% larger than body text) 3 : 1 4.5 : 1 active user interface components and graphical objects such as icons and graphs 3 : 1 not defined these ratios do not apply to "incidental" text, such as inactive controls, logotypes, or purely decorative text.
:focus-visible - CSS: Cascading Style Sheets
tips for de
signing useful and usable focus indicators cognition it may not be obvious as to why the focus indicator is appearing and disappearing if a person is using mixed forms of input.
:focus - CSS: Cascading Style Sheets
tips for de
signing useful and usable focus indicators :focus { outline: none; } never just remove the focus outline (visible focus indicator) without replacing it with a focus outline that will pass wcag 2.1 sc 1.4.11 non-text contrast.
animation - CSS: Cascading Style Sheets
de
signing safer web animation for motion sensitivity · an a list apart article an introduction to the reduced motion media query | css-tricks responsive design for motion | webkit mdn understanding wcag, guideline 2.2 explanations understanding success criterion 2.2.2 | w3c understanding wcag 2.0 formal definition initial valueas each of the properties of the shorthand:animation-name: noneanimatio...
Getting Started - Developer guides
at this stage, you need to tell the xmlhttp request object which javascript function will handle the response, by setting the onreadystatechange property of the object and naming it after the function to call when the request changes state, like this: httprequest.onreadystatechange = nameofthefunction; note that there are no parentheses or parameters after the function name, because you're as
signing a reference to the function, rather than actually calling it.
Functions - JavaScript
this.age++; }, 1000); } var p = new person(); in ecmascript 3/5, this issue was fixed by as
signing the value in this to a variable that could be closed over.
Indexed collections - JavaScript
let arr = ['one', 'two', 'three'] arr[2] // three arr['length'] // 3 populating an array you can populate an array by as
signing values to its elements.
Object.assign() - JavaScript
console.log(obj); // { "0": "a", "1": "b", "2": "c" } exceptions will interrupt the ongoing copying task const target = object.defineproperty({}, 'foo', { value: 1, writable: false }); // target.foo is a read-only property object.assign(target, { bar: 2 }, { foo2: 3, foo: 3, foo3: 3 }, { baz: 4 }); // typeerror: "foo" is read-only // the exception is thrown when as
signing target.foo console.log(target.bar); // 2, the first source was copied successfully.
Object.defineProperty() - JavaScript
descriptor); // being explicit object.defineproperty(obj, 'key', { enumerable: false, configurable: false, writable: false, value: 'static' }); // recycling same object function withvalue(value) { var d = withvalue.d || ( withvalue.d = { enumerable: false, writable: false, configurable: false, value: value } ); // avoiding duplicate operation for as
signing value if (d.value !== value) d.value = value; return d; } // ...
String length - JavaScript
charlength', { get () { return getcharacterlength(this); } }); console.log('a\ud87e\udc04z'.charlength); // 3 examples basic usage let x = 'mozilla'; let empty = ''; console.log(x + ' is ' + x.length + ' code units long'); /* "mozilla is 7 code units long" */ console.log('the empty string has a length of ' + empty.length); // expected output: "the empty string has a length of 0" as
signing to length let mystring = "bluebells"; // attempting to assign a value to a string's .length property has no observable effect.
eval() - JavaScript
you can postpone evaluation of an expression involving x by as
signing the string value of the expression, say "3 * x + 2", to a variable, and then calling eval() at a later point in your script.
Nullish coalescing operator (??) - JavaScript
0; console.log(vala); // "default for a" console.log(valb); // "" (as the empty string is not null or undefined) console.log(valc); // 42 as
signing a default value to a variable earlier, when one wanted to assign a default value to a variable, a common pattern was to use the logical or operator (||): let foo; // foo is never assigned any value so it is still undefined let somedummytext = foo || 'hello!'; however, due to || being a boolean logical operator, the left hand-side operand was coerced to a boolean for the evaluation and any f...
this - JavaScript
* // create properties on |this| as * // desired by as
signing to them.
const - JavaScript
my_object = {'other_key': 'value'}; // however, object keys are not protected, // so the following statement is executed without problem my_object.key = 'othervalue'; // use object.freeze() to make object immutable // the same applies to arrays const my_array = []; // it's possible to push items into the array my_array.push('a'); // ["a"] // however, as
signing a new array to the variable throws an error // uncaught typeerror: assignment to constant variable.
var - JavaScript
ue will be indeed assigned when the assignment statement is reached: function do_something() { console.log(bar); // undefined var bar = 111; console.log(bar); // 111 } // ...is implicitly understood as: function do_something() { var bar; console.log(bar); // undefined bar = 111; console.log(bar); // 111 } examples declaring and initializing two variables var a = 0, b = 0; as
signing two variables with single string value var a = 'a'; var b = a; // ...is equivalent to: var a, b = a = 'a'; be mindful of the order: var x = y, y = 'a'; console.log(x + y); // undefineda here, x and y are declared before any code is executed, but the assignments occur later.
Mobile first - Progressive web apps (PWAs)
this article offers some related ideas, looking at the concept of mobile first — the practice of de
signing a website so that the default layout/configuration is for mobile devices, and layouts and features for desktop browsers are then layered on top of that default.
Applying SVG effects to HTML content - SVG: Scalable Vector Graphics
applying the svg effect to (x)html is accomplished by as
signing the target class defined above to an element, like this: <p class="target" style="background:lime;"> lorem ipsum dolor sit amet, consectetur adipisicing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua.
<animate> - SVG: Scalable Vector Graphics
de
signing safer web animation for motion sensitivity · an a list apart article an introduction to the reduced motion media query | css-tricks responsive design for motion | webkit mdn understanding wcag, guideline 2.2 explanations understanding success criterion 2.2.2 | w3c understanding wcag 2.0 specifications specification status comment svg animations level 2the de...
Web security
weak signature algorithms the strength of the hash algorithm used in
signing a digital certificate is a critical element of the security of the certificate.