Mar 25, 2017

Review at amazon: Quality of Service for Intenet Multimedia

Over the last three months i read a really amazing book about quality of service techniques.
Today everyone has internet access with more than 50Mbit/s, it seems like overbooking does not happen anymore and traffic priorization is no longer needed.
But this is only the half of the truth: Using cloud service, video streaming, onling gaming, ... you can really fast reach the limit of your internet access bandwith.
Companies face the same problem at a different scale: They can buy up to 1Gb/s but if they use techniques like shared workplace, cloud storage etc. even they will exhaust their bandwidth.

If you are interested how priorization can be done (and what are the problems in real life), you should read this book:

It covers the theory and practice for multimedia streaming which is just one of many categories of internet traffic. It is clear that the proposed solution can only be implemented by internet service provicers - but here you can understand what they do und why they are doing it.

if you are interested, take a look at my review at amazon.de. (as all my reviews written in german ;-)

Mar 4, 2017

How to embed HTTP content inside a HTTPS webpage / Mixed content problems

If you are running a webpage and you decide to move to SSL protection you can encounter the following problem: Inside your webpage you are using tags like "iframe", "script" or "link" pointing to HTTP servers. This is considered as mixed active content (mozilla):

Mixed active content is content that has access to all or parts of the Document Object Model of the HTTPS page. This type of mixed content can alter the behavior of the HTTPS page and potentially steal sensitive data from the user. Hence, in addition to the risks described for mixed display content above, mixed active content is vulnerable to a few other attack vectors.
And this will not work...

The best solution is: change all links from HTTP to HTTPS and you are done.

But there are still websites which offer their content in HTTP only. If you really trust them, you can do the following:
Add the link inside a https proxy like https://ssl-proxy.my-addr.org/myaddrproxy.php/http/yourlink

Of course this is not an excellent solution, but a workaround which allows you to protect your website and if you seperate this solution from the pages, which deal with sensitive content you should be fine...