@obetomuniz

The Quiet AI War Inside Your Browser

May 25 · 5 min read · Google shipped the Prompt API in Chrome 148 on May 5, 2026. Mozilla objected. Apple's WebKit team objected. The W3C TAG objected. Microsoft Edge disabled the feature entirely despite running on the sa

How to improve the Critical Path CSS on the web using the “Above-The-Fold" strategy?

May 31, 2021 · 1 min read · In this brief content, I am sharing about the Above-The-Fold strategy to load CSS and why it matters to improve the page loading of our web pages. 📁 Above-The-Fold strategy on the web is a practice that extracts critical CSS declaration to render th...

How to avoid Meltdown, Spectre and CSRF Attacks on Web with CORP, CORB, and CORS?

May 24, 2021 · 1 min read · A brief and useful content about the mechanics on Cross-Origin Read Blocking, Cross-Origin Resource Policy and Cross-Origin Resource Sharing against Meltdown, Spectre and CSRF Attacks. CORB By design, Cross-Origin Read Blocking validates browser requ...

How to Protect Cookies Against Common XSS Attacks on the Web?

May 17, 2021 · 1 min read · We can ignore Cookies danger by just not recommending its usage, but the fact is that at least 55% of all the websites use Cookies RIGHT NOW even with lots of existing cookieless strategies. So how to protect Cookies against Common XSS Attacks? Well,...

XSS Attacks Types on Web

May 10, 2021 · 1 min read · Know how each Cross-Site Scripting Attack behaves is crucial to start to think about how vulnerabilities in our web apps allow malicious codes to be executed using the browser to take sensible data from users. That's what this article is about. Refle...