Skip to main content
Exact Realty Blog

Exact Realty Blog


Progressively loading CSR pages

·9 mins
The principles of progressive enhancement can be applied to client-side rendered pages (or any pages with client-side scripts) to ensure that no matter the capabilities of users’ browsers, an appropriate baseline interactivity is present.

Effectively mitigating CSRF

·12 mins
Cross-Site Request Forgery (CSRF) is an attack in which an external site makes a request to another site on behalf of a user without consent. This attack often relies on an existing session on the target site, which the attacker hijacks for their own purposes. Various CSRF prevention and mitigation techniques exist such as the SameSite attribute, CSRF tokens and header validation.

Modern and robust hotlink protection in 2022

·12 mins
Hotlinking refers to the practice of third-party web properties loading resources directly from your server. Unauthorised hotlinks are generally undesirable, not only because they can facilitate reproducing your content without permission. Web standards and browsers have come a long way in the last few decades, and they now include all of the tools needed for effective protection against hotlinking.

Types of Execution Environments, Attestation and SGX

·18 mins
Execution environments are the combination of hardware and software components that can be used to execute and support applications, typically comprising a processing unit, memory, input and output ports and an operating system. Because application execution requires an execution environment, applications are ultimately limited by any constraints placed onto them by their execution environment. Traditionally, computing is done in execution environments that not only permit the loading and execution of arbitrary programs but may also themselves be manipulated in arbitrary ways. As it is impossible for such environments to make any verifiable assertions as to their state, they are inherently untrustworthy.

Benchmarking in C (for x86 and x64)

·10 mins
Benchmarks are extremely useful to see how performant some code or operation is and a requirement for any empirical decision making. After all, how can we know with any certainty if some library is faster than another one without testing? At its core, benchmarking is quite a simple idea we want to know how long a certain operation takes.