Michal Špaček
@spazef0rze.bsky.social
In your web, securing your app. Hacker, webdev, speaker, engineer. Security shoptet.cz, ex-report-uri.com, ex-teenager. HTTPS = How To Transfer Private Sh💩. Also https://infosec.exchange/@spazef0rze
Díky za (virtuální) návštěvu přednášky, těší mě, že se líbila :-)
October 16, 2025 at 2:58 PM
Díky za (virtuální) návštěvu přednášky, těší mě, že se líbila :-)
You can configure it any way you want or need, but the extension comes with a bundled configuration files you can use out of the box. One of them disallows dangerous functions like var_dump() or put_env(), while another one blocks insecure functions like hash() with MD5 github.com/spaze/phpsta...
September 14, 2025 at 10:11 PM
You can configure it any way you want or need, but the extension comes with a bundled configuration files you can use out of the box. One of them disallows dangerous functions like var_dump() or put_env(), while another one blocks insecure functions like hash() with MD5 github.com/spaze/phpsta...
Just got one certificate using the tlsserver profile and of course as expected, the browsers are doing just fine, they just omit the field (Chrome), or say unknown (Firefox, could be confusing though).
August 23, 2025 at 11:50 PM
Just got one certificate using the tlsserver profile and of course as expected, the browsers are doing just fine, they just omit the field (Chrome), or say unknown (Firefox, could be confusing though).
There's another @letsencrypt.bsky.social certificate type ("profile") that doesn't come with a CN (Common Name) field anymore: the tlsserver profile.
It's a 90 day cert, its properties "reflect the latest recommendations from the CA/Browser Forum Baseline Requirements, as well as general trends."
It's a 90 day cert, its properties "reflect the latest recommendations from the CA/Browser Forum Baseline Requirements, as well as general trends."
August 23, 2025 at 11:50 PM
There's another @letsencrypt.bsky.social certificate type ("profile") that doesn't come with a CN (Common Name) field anymore: the tlsserver profile.
It's a 90 day cert, its properties "reflect the latest recommendations from the CA/Browser Forum Baseline Requirements, as well as general trends."
It's a 90 day cert, its properties "reflect the latest recommendations from the CA/Browser Forum Baseline Requirements, as well as general trends."
Such certificates are not very common today, but they will be more common in the future. For example Let's Encrypt's short-lived 6 day certificates do not have the CN field letsencrypt.org/docs/profiles/
You can find a cert without the CN field for testing here letsencrypt.org/2025/02/20/f...
You can find a cert without the CN field for testing here letsencrypt.org/2025/02/20/f...
Profiles
A profile is a collection of characteristics that describe both the validation process required to get a certificate, and the final contents of that certificate. For the vast majority of Let’s Encrypt...
letsencrypt.org
August 23, 2025 at 2:28 PM
Such certificates are not very common today, but they will be more common in the future. For example Let's Encrypt's short-lived 6 day certificates do not have the CN field letsencrypt.org/docs/profiles/
You can find a cert without the CN field for testing here letsencrypt.org/2025/02/20/f...
You can find a cert without the CN field for testing here letsencrypt.org/2025/02/20/f...
420: Czech your DNS cache (420 is the CZ phone country code and this is a lame joke of mine 😅)
August 8, 2025 at 5:10 PM
420: Czech your DNS cache (420 is the CZ phone country code and this is a lame joke of mine 😅)
Here's a draft written by ChatGPT 😁 It has defined the new code 432 and even a new media type application/dns-refresh+json that would provide more details on why do you feel the client should refresh their cache gist.github.com/spaze/c1e100...
"Refresh DNS" RFC draft as written by ChatGPT because bots frustrate me
"Refresh DNS" RFC draft as written by ChatGPT because bots frustrate me - "Refresh DNS" RFC draft prompt.txt
gist.github.com
August 8, 2025 at 11:26 AM
Here's a draft written by ChatGPT 😁 It has defined the new code 432 and even a new media type application/dns-refresh+json that would provide more details on why do you feel the client should refresh their cache gist.github.com/spaze/c1e100...
Absolutely! I hope that translates to free data transfers! Or maybe not 😅
August 1, 2025 at 2:54 PM
Absolutely! I hope that translates to free data transfers! Or maybe not 😅
Just remembered Wolf3D had no multiplayer, but we've still managed to play it co-op style with a friend of mine: the two of us were sitting at one computer, he was using the arrow keys to navigate, I was using the spacebar to shoot. I also remember the headache after many hours of nonstop action 😅
July 26, 2025 at 6:11 PM
Just remembered Wolf3D had no multiplayer, but we've still managed to play it co-op style with a friend of mine: the two of us were sitting at one computer, he was using the arrow keys to navigate, I was using the spacebar to shoot. I also remember the headache after many hours of nonstop action 😅
Git reflog is a log of what happened in your repo. Commited this, amended that, reset to this etc. It has references (the "ref" in reflog) which you can use to get back to a previous state of your repository. For me, a highly useful feature, probably not that well known. It has saved me many times.
July 23, 2025 at 9:30 PM
Git reflog is a log of what happened in your repo. Commited this, amended that, reset to this etc. It has references (the "ref" in reflog) which you can use to get back to a previous state of your repository. For me, a highly useful feature, probably not that well known. It has saved me many times.