j1-template 2021.0.9 → 2021.0.10
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/assets/data/menu.html +0 -32
- data/assets/themes/j1/adapter/js/fam.js +59 -27
- data/assets/themes/j1/adapter/js/toccer.js +97 -18
- data/assets/themes/j1/core/css/themes/uno-light/bootstrap.css +78 -89
- data/assets/themes/j1/core/css/themes/uno-light/bootstrap.min.css +1 -1
- data/assets/themes/j1/modules/justifiedGallery/LICENSE +1 -1
- data/assets/themes/j1/modules/justifiedGallery/README.md +5 -3
- data/assets/themes/j1/modules/justifiedGallery/_versions/v3.8.0/js/{jquery.justifiedGallery.js → justifiedGallery.js} +145 -145
- data/assets/themes/j1/modules/justifiedGallery/_versions/v3.8.0/js/{jquery.justifiedGallery.min.js → justifiedGallery.min.js} +1 -2
- data/assets/themes/j1/modules/justifiedGallery/js/justifiedGallery.js +69 -53
- data/assets/themes/j1/modules/justifiedGallery/js/justifiedGallery.min.js +2 -2
- data/lib/j1/commands/generate.rb +1 -1
- data/lib/j1/version.rb +1 -1
- data/lib/starter_web/Gemfile +1 -1
- data/lib/starter_web/_config.yml +1 -1
- data/lib/starter_web/_data/apps/justified_gallery.yml +41 -13
- data/lib/starter_web/_data/blocks/banner.yml +2 -2
- data/lib/starter_web/_data/blocks/panel.yml +1 -1
- data/lib/starter_web/_data/modules/defaults/toccer.yml +2 -2
- data/lib/starter_web/_data/modules/navigator_menu.yml +6 -6
- data/lib/starter_web/_includes/attributes.asciidoc +13 -5
- data/lib/starter_web/_plugins/lunr_index.rb +1 -1
- data/lib/starter_web/assets/images/collections/blog/featured/markus-spiske-2.jpg +0 -0
- data/lib/starter_web/assets/images/collections/blog/featured/staticgen.jpg +0 -0
- data/lib/starter_web/assets/images/modules/attics/florian-olivo-1920x1280.jpg +0 -0
- data/lib/starter_web/assets/images/modules/attics/{runner-1920x1200-bw.jpg → runner-1920x1200.jpg} +0 -0
- data/lib/starter_web/assets/images/modules/attics/{the-place-1920x1280-bw.jpg → the-place-1920x1280.jpg} +0 -0
- data/lib/starter_web/assets/images/modules/gallery/old_times/colored/image_01.jpg +0 -0
- data/lib/starter_web/assets/images/modules/gallery/old_times/image_01.jpg +0 -0
- data/lib/starter_web/assets/images/modules/gallery/old_times/image_02.jpg +0 -0
- data/lib/starter_web/assets/images/modules/gallery/old_times/image_03.jpg +0 -0
- data/lib/starter_web/assets/images/modules/gallery/old_times/image_04.jpg +0 -0
- data/lib/starter_web/assets/images/modules/icons/d1/scalable/d1.svg +1 -1
- data/lib/starter_web/assets/images/pages/panels/florian-olivo-1920x800.jpg +0 -0
- data/lib/starter_web/assets/images/pages/panels/responsive-text-1920x800.jpg +0 -0
- data/lib/starter_web/collections/posts/public/featured/_posts/{0000-00-00-welcome-to-j1-template.adoc.erb → 0000-00-00-welcome-to-j1.adoc.erb} +29 -13
- data/lib/starter_web/collections/posts/public/featured/_posts/{2020-05-01-top-open-source-static-site-generators.adoc → 2020-05-01-top-site-generators.adoc} +9 -14
- data/lib/starter_web/collections/posts/public/featured/_posts/2020-06-01-about-cookies.adoc +53 -52
- data/lib/starter_web/collections/posts/public/featured/_posts/2021-01-01-welcome-to-j1.adoc +167 -0
- data/lib/starter_web/index.html +8 -8
- data/lib/starter_web/package.json +1 -1
- data/lib/starter_web/pages/public/asciidoc_skeletons/book/000_intro.adoc +1 -1
- data/lib/starter_web/pages/public/asciidoc_skeletons/book/100_chapter.adoc +1 -1
- data/lib/starter_web/pages/public/asciidoc_skeletons/book/200_chapter.adoc +1 -1
- data/lib/starter_web/pages/public/asciidoc_skeletons/book/900_references.adoc +1 -1
- data/lib/starter_web/pages/public/asciidoc_skeletons/book/book.adoc +1 -1
- data/lib/starter_web/pages/public/asciidoc_skeletons/multi-document/100_chapter.asciidoc +1 -1
- data/lib/starter_web/pages/public/asciidoc_skeletons/multi-document/200_chapter.asciidoc +1 -1
- data/lib/starter_web/pages/public/asciidoc_skeletons/multi-document/multi.adoc +1 -1
- data/lib/starter_web/pages/public/learn/roundtrip/100_present_images.adoc +4 -5
- data/lib/starter_web/pages/public/learn/roundtrip/500_themes.adoc +20 -51
- data/lib/starter_web/pages/public/learn/where_to_go.adoc +34 -49
- data/lib/starter_web/pages/public/panels/intro_panel/panel.adoc +67 -36
- data/lib/starter_web/pages/public/previewer/bootstrap_theme.adoc +15 -15
- data/lib/starter_web/pages/public/previewer/rouge.adoc +22 -53
- data/lib/starter_web/utilsrv/_defaults/package.json +1 -1
- data/lib/starter_web/utilsrv/package.json +1 -1
- metadata +18 -16
- data/assets/themes/j1/modules/justifiedGallery/_versions/v3.8.0/justifiedGallery.min.zip +0 -0
- data/assets/themes/j1/modules/justifiedGallery/_versions/v3.8.0/justifiedGallery.zip +0 -0
- data/assets/themes/j1/modules/justifiedGallery/_versions/v4.0.0/css/justifiedGallery.css +0 -110
- data/assets/themes/j1/modules/justifiedGallery/_versions/v4.0.0/css/justifiedGallery.min.css +0 -110
- data/assets/themes/j1/modules/justifiedGallery/_versions/v4.0.0/css/theme/uno.css +0 -23
- data/assets/themes/j1/modules/justifiedGallery/_versions/v4.0.0/js/jquery.justifiedGallery.js +0 -1229
- data/assets/themes/j1/modules/justifiedGallery/_versions/v4.0.0/js/jquery.justifiedGallery.min.js +0 -8
- data/lib/starter_web/collections/posts/public/featured/_posts/2020-04-01-confusion-about-base-url.adoc +0 -118
@@ -175,8 +175,8 @@ settings:
|
|
175
175
|
icon: rocket
|
176
176
|
icon_color: md_white
|
177
177
|
icon_size: 24px
|
178
|
-
href: /pages/public/learn/kickstarter/web_in_a_day/meet_and_greet/
|
179
|
-
target:
|
178
|
+
href: "https://jekyll.one/pages/public/learn/kickstarter/web_in_a_day/meet_and_greet/"
|
179
|
+
target: blank
|
180
180
|
|
181
181
|
# - name: Patreon button
|
182
182
|
# button:
|
@@ -161,8 +161,8 @@ defaults:
|
|
161
161
|
throttleTimeout: 150
|
162
162
|
scrollSmooth: true
|
163
163
|
scrollSmoothDuration: 300
|
164
|
-
scrollSmoothOffset:
|
165
|
-
scrollContainer: null #
|
164
|
+
scrollSmoothOffset: 10 # TODO: to checked, if set dynamically with toccer adapter
|
165
|
+
scrollContainer: null # TODO: to checked, what this option does
|
166
166
|
|
167
167
|
# ------------------------------------------------------------------------------
|
168
168
|
# END config
|
@@ -66,15 +66,15 @@
|
|
66
66
|
- title: Asciidoc Skeletons
|
67
67
|
icon: television-guide
|
68
68
|
dropdown:
|
69
|
-
- title: Book
|
70
|
-
href: /pages/public/skeleton/book/
|
71
|
-
icon: book-open-blank-variant
|
72
|
-
- title: Multi-Document
|
73
|
-
href: /pages/public/skeleton/multi/
|
74
|
-
icon: file-document-multiple-outline
|
75
69
|
- title: Simple-Document
|
76
70
|
href: /pages/public/skeleton/simple/
|
77
71
|
icon: file-document-outline
|
72
|
+
- title: Multi-Document
|
73
|
+
href: /pages/public/skeleton/multi/
|
74
|
+
icon: file-document-multiple-outline
|
75
|
+
- title: Book
|
76
|
+
href: /pages/public/skeleton/book/
|
77
|
+
icon: book-open-blank-variant
|
78
78
|
|
79
79
|
# ------------------------------------------------------------------------------
|
80
80
|
# Menu BLOG
|
@@ -5,6 +5,9 @@
|
|
5
5
|
// URLS, global references to internal|external web links (macro link:)
|
6
6
|
// -----------------------------------------------------------------------------
|
7
7
|
tag::urls[]
|
8
|
+
|
9
|
+
:url-about-cookies--home: http://www.aboutcookies.org
|
10
|
+
|
8
11
|
:url-animate-css--home: https://animate.style/
|
9
12
|
:url-anime--home: https://animejs.com/
|
10
13
|
|
@@ -96,6 +99,7 @@ tag::urls[]
|
|
96
99
|
|
97
100
|
:url-cash--gh-repo: https://github.com/fabiospampinato/cash
|
98
101
|
:url-clipboard--gh-repo: https://github.com/zenorocha/clipboard.js/
|
102
|
+
|
99
103
|
:url-cors--gh-repo: https://github.com/expressjs/cors
|
100
104
|
:url-cross-env--gh-repo: https://github.com/kentcdodds/cross-env
|
101
105
|
:url-cross-var--gh-repo: https://github.com/elijahmanor/cross-var
|
@@ -146,14 +150,13 @@ tag::urls[]
|
|
146
150
|
:url-j1--home: https://jekyll.one/
|
147
151
|
:url-j1--preview: https://preview.jekyll.one/
|
148
152
|
|
149
|
-
:url-j1-web-in-a-day--
|
150
|
-
:url-j1-web-in-a-day--meet-and-greet: /pages/public/learn/kickstarter/web_in_a_day/meet_and_greet/
|
151
|
-
:url-j1-web-in-a-day--preparations: /pages/public/learn/kickstarter/web_in_a_day/preparations/
|
152
|
-
:url-j1-web-in-a-day--first-awesome-web: /pages/public/learn/kickstarter/web_in_a_day/first_awesome_web/
|
153
|
+
:url-j1-web-in-a-day--meet-and-greet: https://jekyll.one/pages/public/learn/kickstarter/web_in_a_day/meet_and_greet/
|
153
154
|
|
154
155
|
:url-j1-quick-references--jekyll: /pages/protected/manuals/quick_references/jekyll/
|
155
156
|
:url-j1-downloads--quickstart-intro: /pages/public/learn/downloads/quickstart/intro/
|
156
157
|
|
158
|
+
:url-j1-roundtrip--present-images: /pages/public/learn/roundtrip/present_images/
|
159
|
+
|
157
160
|
:url-j1-learn--whats-up: https://jekyll.one/pages/public/learn/whats_up/
|
158
161
|
:url-j1-learn--present-images: https://jekyll.one/pages/public/learn/roundtrip/present_images/
|
159
162
|
:url-j1-learn--present-videos: https://jekyll.one/pages/public/learn/roundtrip/present_videos/
|
@@ -236,6 +239,8 @@ tag::urls[]
|
|
236
239
|
|
237
240
|
:url-owl-carousel-v1--home: http://www.landmarkmlp.com/js-plugin/owl.carousel/
|
238
241
|
|
242
|
+
:url-owasp-attacks--csrf: https://owasp.org/www-community/attacks/csrf
|
243
|
+
|
239
244
|
:url-parseurl--gh-repo: https://github.com/pillarjs/parseurl
|
240
245
|
|
241
246
|
:url-platform--gh-repo: https://github.com/bestiejs/platform.js/
|
@@ -275,6 +280,9 @@ tag::urls[]
|
|
275
280
|
:url-sass-lang--home: https://sass-lang.com/dart-sass
|
276
281
|
:url-sass-lang--gh-repo: https://github.com/sass/dart-sass
|
277
282
|
|
283
|
+
:url-jamstack--home: https://jamstack.org/
|
284
|
+
:url-jamstack--generators: https://jamstack.org/generators/
|
285
|
+
|
278
286
|
:url-shopify--home: https://www.shopify.com/
|
279
287
|
|
280
288
|
:url-stackoverflow--usage-fonticons: https://stackoverflow.com/questions/11135261/should-i-use-i-tag-for-icons-instead-of-span
|
@@ -384,7 +392,7 @@ end::tables[]
|
|
384
392
|
// -----------------------------------------------------------------------------
|
385
393
|
tag::products[]
|
386
394
|
:j1-license: MIT License
|
387
|
-
:j1-version: 2021.0.
|
395
|
+
:j1-version: 2021.0.10
|
388
396
|
end::products[]
|
389
397
|
|
390
398
|
|
Binary file
|
data/lib/starter_web/assets/images/modules/attics/{runner-1920x1200-bw.jpg → runner-1920x1200.jpg}
RENAMED
File without changes
|
File without changes
|
@@ -14,7 +14,7 @@
|
|
14
14
|
version="1.1"
|
15
15
|
inkscape:version="1.0.1 (3bc2e813f5, 2020-09-07)"
|
16
16
|
sodipodi:docname="d1.svg"
|
17
|
-
inkscape:export-filename="C:\Temp\d10n-2021.0.
|
17
|
+
inkscape:export-filename="C:\Temp\d10n-2021.0.10\assets\images\modules\icons\d1\d1-256x256.png"
|
18
18
|
inkscape:export-xdpi="49.152"
|
19
19
|
inkscape:export-ydpi="49.152">
|
20
20
|
<title
|
@@ -68,6 +68,20 @@ A static site serves the content straight to the user as it is stored on
|
|
68
68
|
the server-side. To put it in another way, in opposition to WordPress
|
69
69
|
which use a database to load dynamic content, a static site will display
|
70
70
|
the same content to every user as it will directly load the HTML files
|
71
|
+
on the server.
|
72
|
+
|
73
|
+
A static website uses server-side rendering to serve pre-built HTML, CSS,
|
74
|
+
and JavaScript files to a web browser, in contrast to traditional dynamic
|
75
|
+
sites that work by rendering the webpage at the time of the request.
|
76
|
+
Static sites enable you to decouple your content repository and front-end
|
77
|
+
interface, giving you greater flexibility in how your content is served.
|
78
|
+
Cost-efficiency is another reason companies migrate to a static site because
|
79
|
+
static files are lightweight and often faster and cheaper to serve.
|
80
|
+
|
81
|
+
In the last few years, static sites have greatly increased in popularity.
|
82
|
+
This surge is primarily due to advances in developer tools (languages and
|
83
|
+
libraries) and a stronger desire among businesses to optimize website
|
84
|
+
performance beyond the limits of a database-driven site.
|
71
85
|
|
72
86
|
=== What's different?
|
73
87
|
|
@@ -76,6 +90,14 @@ generate the content of a page when a user requests it. For example,
|
|
76
90
|
building a website using WordPress CMS will result in having a dynamic
|
77
91
|
Website.
|
78
92
|
|
93
|
+
Static sites can be written almost exclusively in HTML and serve a fixed
|
94
|
+
set of data that renders the same for every site visitor. Static sites use
|
95
|
+
server-side rendering to serve pre-built HTML, CSS, and JavaScript files to
|
96
|
+
a web browser. Dynamic sites operate in a completely different way, by
|
97
|
+
leveraging HTML and CSS as well as server-side scripting languages like PHP
|
98
|
+
to build webpages on the fly and serve different content to each site
|
99
|
+
visitor.
|
100
|
+
|
79
101
|
=== Why use a static site?
|
80
102
|
|
81
103
|
What are the advantages of a static website over a dynamic site?
|
@@ -85,8 +107,7 @@ come the main advantages of using a static site over a dynamic
|
|
85
107
|
one.
|
86
108
|
|
87
109
|
Performance::
|
88
|
-
The better performance and a crazy fast load time
|
89
|
-
|
110
|
+
*The better performance and a crazy fast load time*.
|
90
111
|
One of the main advantages of using a static site is the fact that
|
91
112
|
it is crazy fast to load. Indeed, when the user requests a page, there is
|
92
113
|
no need to request a database and various files to generate the
|
@@ -99,8 +120,7 @@ that’s why having fast loading times will participate in making your
|
|
99
120
|
website mobile-friendly.
|
100
121
|
|
101
122
|
Security::
|
102
|
-
Having a static website: say goodbye to hacking and security issues
|
103
|
-
|
123
|
+
*Having a static website: say goodbye to hacking and security issues*.
|
104
124
|
Tired of getting WordPress notifications about security issues and
|
105
125
|
updates every week? No worries, as a static site has no database, there
|
106
126
|
are close to no hack possible compared to a WordPress website. Indeed,
|
@@ -110,8 +130,7 @@ static website is one the main reason why many famous brands switch to
|
|
110
130
|
a static site instead of having their website on Drupal or WordPress.
|
111
131
|
|
112
132
|
Hosting::
|
113
|
-
Building a static site and hosting: you will save you money
|
114
|
-
|
133
|
+
*Building a static site and hosting: you will save you money*.
|
115
134
|
Using a static site, you will only have most of the time only HTML and
|
116
135
|
CSS files to host. This kind of files is super light which also means
|
117
136
|
that you will not need a powerhouse hosting to have a static site up and
|
@@ -120,9 +139,8 @@ go down contrary to a dynamic site which should request the database
|
|
120
139
|
each time for each user.
|
121
140
|
|
122
141
|
Control::
|
123
|
-
You're the master.
|
124
|
-
|
125
|
-
Using a CMS means, giving control over your site to others. Simple like this.
|
142
|
+
*You're the master*. Using a CMS means, giving control over your site to others.
|
143
|
+
Simple like this.
|
126
144
|
|
127
145
|
== Why use a site generator?
|
128
146
|
|
@@ -143,11 +161,9 @@ As the popularity of static sites is growing, there are plenty of static
|
|
143
161
|
site generators available on the market. The more famous is Jekyll,
|
144
162
|
Middleman and Hugo. Each one has its own specificities and may suits you
|
145
163
|
better depending on the programming languages you already are familiar with.
|
146
|
-
|
147
164
|
Which static site generator should I use?
|
148
165
|
|
149
166
|
When I decided to go for a blog based on a static web, I personally
|
150
167
|
choose Jekyll as for me. It's a well known static site generator, good support
|
151
|
-
in case of trouble and the software gets regularly
|
152
|
-
|
153
|
-
This blog is powered by Jekyll. For good reasons.
|
168
|
+
in case of trouble and the software gets regularly updated. This website is
|
169
|
+
powered by Jekyll. For good reasons.
|
@@ -1,6 +1,6 @@
|
|
1
1
|
---
|
2
|
-
title:
|
3
|
-
tagline:
|
2
|
+
title: Free site generators
|
3
|
+
tagline: top site generators
|
4
4
|
date: 2020-05-01 00:00:00
|
5
5
|
|
6
6
|
tags: [ Jekyll, Generators ]
|
@@ -55,7 +55,7 @@ excerpt__end
|
|
55
55
|
|
56
56
|
// Load page attributes
|
57
57
|
// -----------------------------------------------------------------------------
|
58
|
-
{% include {{load_attributes}} scope="
|
58
|
+
{% include {{load_attributes}} scope="global" %}
|
59
59
|
|
60
60
|
|
61
61
|
// Page content
|
@@ -68,7 +68,7 @@ excerpt__end
|
|
68
68
|
== Static Site Generators
|
69
69
|
|
70
70
|
[role="mb-3"]
|
71
|
-
image::/assets/images/collections/blog/featured/
|
71
|
+
image::/assets/images/collections/blog/featured/markus-spiske-2.jpg[{{page.title}}]
|
72
72
|
|
73
73
|
A typical CMS driven website works by building each and every page dynamically.
|
74
74
|
That means fetching the content from a database to pass them over to a template
|
@@ -80,10 +80,8 @@ This means each page is assembled on demand.
|
|
80
80
|
For many, many websites dynamic page generation is entirely unnecessary and
|
81
81
|
adds unwanted risks in terms of complexity, performance losses and security
|
82
82
|
issues. After all, the content of most websites changes only, when the content
|
83
|
-
authors make changes.
|
84
|
-
|
85
|
-
Why the hell should a web page always assembled on demand if there are no
|
86
|
-
changes?
|
83
|
+
authors make changes. Why the hell should a web page always assembled on
|
84
|
+
demand if there are no changes?
|
87
85
|
|
88
86
|
NOTE: To be fair, most CMS are providing caching systems for web pages to
|
89
87
|
prevent unnecessary creation processes. It is not easy to implement such
|
@@ -99,11 +97,8 @@ content, only selected pages will rebuild.
|
|
99
97
|
This means overall, statically build web pages having no moving parts in the
|
100
98
|
deployed website. This results in browser-side caching only, the performance
|
101
99
|
goes up, and static sites are far more secure because they build already.
|
102
|
-
|
103
100
|
To find out what OpenSource Static Site Generators are available today and
|
104
|
-
their ranking in terms of popularity go for
|
105
|
-
complete list of generators
|
106
|
-
|
107
|
-
Check https://www.staticgen.com[StaticGen].
|
101
|
+
their ranking in terms of popularity go for Jamstack You'll find the most
|
102
|
+
complete list of generators used today.
|
108
103
|
|
109
|
-
|
104
|
+
Check with {url-jamstack--generators}[Jamstack, {browser-window--new}]!
|
@@ -61,7 +61,7 @@ excerpt__end
|
|
61
61
|
|
62
62
|
// Load page attributes
|
63
63
|
// -----------------------------------------------------------------------------
|
64
|
-
{% include {{load_attributes}} scope="
|
64
|
+
{% include {{load_attributes}} scope="global" %}
|
65
65
|
|
66
66
|
|
67
67
|
// Page content
|
@@ -75,44 +75,35 @@ excerpt__end
|
|
75
75
|
|
76
76
|
In short words. A cookie is a small piece of data that a website asks your
|
77
77
|
browser to store on your computer or mobile device. The cookie allows the
|
78
|
-
website to "remember" your actions or preferences over time.
|
79
|
-
|
80
|
-
|
81
|
-
them and can delete them whenever they like.
|
82
|
-
|
83
|
-
Good to know.
|
84
|
-
|
85
|
-
== For what reasons cookies are used
|
78
|
+
website to "remember" your actions or preferences over time. All modern
|
79
|
+
browsers support cookies, but users can set their browsers to decline them
|
80
|
+
and can delete them whenever they like. Good to know.
|
86
81
|
|
87
82
|
Websites mainly use cookies for:
|
88
83
|
|
89
84
|
Identification::
|
90
|
-
|
85
|
+
Identify users
|
91
86
|
|
92
87
|
General information storage::
|
93
|
-
|
88
|
+
Remember users' custom preferences
|
94
89
|
|
95
90
|
Support::
|
96
|
-
|
91
|
+
Help users complete tasks without having to re‑enter information
|
97
92
|
when browsing from one page to another or when visiting the site later.
|
98
93
|
|
99
94
|
Track behavioural::
|
100
95
|
Cookies can also be used for online behavioural target advertising and to
|
101
96
|
show adverts relevant to something that the user searched for in the past.
|
102
|
-
|
103
97
|
The web server supplying the webpage can store a cookie on the user's
|
104
|
-
computer or mobile device.
|
105
|
-
included or referenced in the webpage is also able to store cookies.
|
98
|
+
computer or mobile device.
|
106
99
|
|
107
100
|
All these cookies are called http header cookies. Another way of storing
|
108
101
|
cookies is through JavaScript code contained or referenced in that page.
|
109
|
-
|
110
102
|
Each time the user requests a new page, the web server can receive the
|
111
103
|
values of the cookies it previously set and return the page with content
|
112
104
|
relating to these values. Similarly, JavaScript code is able to read a
|
113
105
|
cookie belonging to its domain and perform an action accordingly.
|
114
106
|
|
115
|
-
|
116
107
|
.How are they used
|
117
108
|
[NOTE]
|
118
109
|
====
|
@@ -128,57 +119,67 @@ relating to these values. Similarly, JavaScript code is able to read a
|
|
128
119
|
cookie belonging to its domain and perform an action accordingly.
|
129
120
|
====
|
130
121
|
|
131
|
-
|
132
122
|
== Types of cookies
|
133
123
|
|
134
|
-
|
135
|
-
|
124
|
+
HTTP cookies are essential to the modern Internet but potentially a
|
125
|
+
vulnerability to your privacy. As a necessary part of web browsing, cookies
|
126
|
+
help web developers give you more personal, convenient website visits.
|
127
|
+
Cookies let websites remember you, your website logins, shopping carts and
|
128
|
+
more. But they can also be a treasure trove of private info for criminals
|
129
|
+
to spy on.
|
130
|
+
|
131
|
+
Since the data in cookies doesn't change, cookies themselves aren't harmful.
|
132
|
+
They *can't infect* computers with viruses or other malware. However, some
|
133
|
+
cyberattacks can hijack cookies and enable access to your browsing sessions.
|
134
|
+
The danger lies in their ability to track individuals' browsing histories.
|
135
|
+
Cookies generally can be classified by its *lifespan* and the *domain* to
|
136
|
+
which it belongs.
|
137
|
+
|
138
|
+
Cookies classified by *lifespan* are either a:
|
136
139
|
|
137
140
|
Session cookie::
|
138
|
-
|
141
|
+
Session cookies gets automatically deleted when the user closes the web browser
|
142
|
+
and all open window tabs.
|
139
143
|
|
140
144
|
Persistent cookie::
|
141
|
-
|
145
|
+
A persistent cookie *remains* on the user's computer/device for a pre-defined
|
146
|
+
period of time.
|
142
147
|
|
143
|
-
|
148
|
+
Cookies classified by the *domain* to which it belongs, are either of:
|
144
149
|
|
145
150
|
First-party cookie::
|
146
|
-
cookies
|
147
|
-
same domain
|
151
|
+
First-party cookie cookies are set by the web server of the visited page
|
152
|
+
and share the *same domain* you're visting. These are generally safer, as
|
153
|
+
long as users are browsing reputable websites or ones that have not been
|
154
|
+
compromised.
|
148
155
|
|
149
156
|
Third-party cookies::
|
150
|
-
cookies stored by a different domain to the visited page
|
151
|
-
This can happen when the webpage references a
|
152
|
-
|
153
|
-
|
157
|
+
Third-party cookies are stored by a *different* domain to the visited page.
|
158
|
+
This can happen when the webpage references a files located outside its domain.
|
159
|
+
Third-party cookies let advertisers or analytics companies track the user's
|
160
|
+
browsing history across the web on *any* sites that contain their ads.
|
154
161
|
|
155
|
-
== How do a site use cookies?
|
156
162
|
|
157
|
-
|
163
|
+
== Security aspects on using cookies
|
158
164
|
|
159
|
-
|
160
|
-
|
161
|
-
|
162
|
-
|
163
|
-
* if they are essential for the website or a given functionality to work
|
164
|
-
or if they aim to enhance the performance of the website
|
165
|
-
* the types of cookies used (e.g. session or permanent, first or third-party)
|
166
|
-
* who controls/accesses the cookie-related information (website or third party)
|
167
|
-
* that the cookie will not be used for any purpose other than the one stated
|
168
|
-
* how consent can be withdrawn.
|
169
|
-
|
170
|
-
You can use as example the top level "cookie notice" of the Commission homepage.
|
171
|
-
If your site does not use any cookies, just declare it (e.g. The Information
|
172
|
-
Providers Guide site does not use any cookies). If your site uses the same
|
173
|
-
cookies as the Commission homepage, you can just link to the top level
|
174
|
-
cookie notice.
|
165
|
+
Without cookies the web would not work as it does today. However, since the
|
166
|
+
mid 90ies when cookies were invented, the web changed quite a lot and so did
|
167
|
+
the attack methods on web applications; as mentioned the internet is not a
|
168
|
+
friendly place.
|
175
169
|
|
170
|
+
A well-known attack method is known as Cross Site Request Forgery, or short
|
171
|
+
*CSRF*. CSRF is an attack, a criminal act, that forces an end user to execute
|
172
|
+
unwanted actions. Cookie may play a *role* in such scenarios but they are
|
173
|
+
not generally *unsafe*. If you want you can read more about that in the
|
174
|
+
CRSF Page on {url-owasp-attacks--csrf}[OWASP, {browser-window--new}].
|
176
175
|
|
177
176
|
== How to control cookies
|
178
177
|
|
179
|
-
|
180
|
-
see
|
178
|
+
Users can take control, used or *not* used, or delete cookies. For more
|
179
|
+
details, see {url-about-cookies--home}[aboutcookies.org]. You can delete
|
181
180
|
all cookies that are already on your computer and you can set most
|
182
|
-
browsers to prevent them from being placed.
|
183
|
-
|
184
|
-
|
181
|
+
browsers to prevent them from being placed.
|
182
|
+
|
183
|
+
If you do this, however, you may have to manually adjust some preferences
|
184
|
+
every time you visit a site and some services and functionalities may not
|
185
|
+
work.
|