Permalink
Browse files

None

  • Loading branch information...
mgrouchy committed Jul 23, 2012
1 parent 2dd62b3 commit cd0ceeeeb32f93623d878619d441269e22ed5eab
@@ -0,0 +1,140 @@
+<!doctype html>
+<!-- https://github.com/paulirish/html5-boilerplate/blob/master/index.html -->
+<!-- paulirish.com/2008/conditional-stylesheets-vs-css-hacks-answer-neither/ -->
+<!--[if lt IE 7 ]> <html lang="en" class="no-js ie6"> <![endif]-->
+<!--[if IE 7 ]> <html lang="en" class="no-js ie7"> <![endif]-->
+<!--[if IE 8 ]> <html lang="en" class="no-js ie8"> <![endif]-->
+<!--[if (gte IE 9)|!(IE)]><!--> <html lang="en" class="no-js"> <!--<![endif]-->
+<head>
+ <meta charset="">
+
+ <!-- Always force latest IE rendering engine (even in intranet) & Chrome Frame
+ Remove this if you use the .htaccess -->
+ <meta http-equiv="X-UA-Compatible" content="">
+
+ <!-- encoding must be specified within the first 512 bytes
+ www.whatwg.org/specs/web-apps/current-work/multipage/semantics.html#charset -->
+
+ <!-- meta element for compatibility mode needs to be before
+ all elements except title & meta
+ msdn.microsoft.com/en-us/library/cc288325(VS.85).aspx -->
+ <!-- Chrome Frame is only invoked if meta element for
+ compatibility mode is within the first 1K bytes
+ code.google.com/p/chromium/issues/detail?id=23003 -->
+
+ <title>Force websites to use SSL in Google Chrome</title>
+ <meta name="description" content="">
+ <meta name="author" content="Mike Grouchy">
+
+ <!-- Mobile viewport optimized: j.mp/bplateviewport -->
+ <meta name="viewport" content="">
+
+ <!-- Place favicon.ico & apple-touch-icon.png
+ in the root of your domain and delete these references -->
+ <link rel="shortcut icon" href="/favicon.ico">
+ <link rel="apple-touch-icon" href="/apple-touch-icon.png">
+
+ <link rel="alternate" type="application/rss+xml" title="MikeGrouchy.com RSS Feed" href="http://feeds.feedburner.com/mikegrouchycom" />
+
+ <link rel="stylesheet" href="/media/css/bootstrap.min.css">
+ <link rel="stylesheet" href="/media/css/site.css">
+ <link rel="stylesheet" href="/media/css/syntax.css">
+ <link href='http://fonts.googleapis.com/css?family=Alike' rel='stylesheet' type='text/css'>
+ <link href='http://fonts.googleapis.com/css?family=Wellfleet' rel='stylesheet' type='text/css'>
+ <link href='http://fonts.googleapis.com/css?family=Allerta' rel='stylesheet' type='text/css'>
+
+ <!-- All JavaScript at the bottom, except for Modernizr which
+ enables HTML5 elements & feature detects -->
+ <script src="/media/js/libs/modernizr-1.7.min.js"></script>
+ </head>
+<body id="force-sites-to-use-ssl-in-chrome">
+ <div class="topbar ">
+ <div class="topbar-inner topbar-override">
+ <div class="container container-expand">
+ <a class="brand btitle" href="http://mikegrouchy.com">Mike Grouchy</a>
+ <ul class="nav">
+ <li class=""><a href="http://mikegrouchy.com">Home</a></li>
+ <li class=""><a href="/about.html">About</a></li>
+ <li class=""><a href="http://feeds.feedburner.com/mikegrouchycom">Feed</a></li>
+ </ul>
+ </div>
+ </div>
+ </div>
+ <div class="container container-expand">
+ <article class="post">
+ <h1 class="title">
+ <a class="post-link" href="/blog/2012/07/force-sites-to-use-ssl-in-chrome.html">
+ Force websites to use SSL in Google Chrome
+ </a>
+ </h1>
+ <time datetime="2012-07-23">
+ Posted: Monday, 23 July, 2012
+ </time>
+<div class="post-content">
+ <p>I saw this tip in the comments over at <a href="http://news.ycombinator.com">Hacker News</a> today
+and I thought that this is a great alternative to force <span class="caps">SSL</span> for sites that don&#8217;t have
+it&nbsp;available.</p>
+<h2>Step&nbsp;1</h2>
+<p>Navigate to Chrome&#8217;s net internals dashboard by&nbsp;typing</p>
+<p><code>chrome://net-internals/</code> into your&nbsp;browser.</p>
+<p>You should&nbsp;see:</p>
+<p><img alt="net-internals" src="/media/images/2012/07/net-internals.png" /></p>
+<h2>Step&nbsp;2</h2>
+<p>Navigate to the <a href="http://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security"><span class="caps">HSTS</span></a>(<span class="caps">HTTPS</span> Strict Transport Security) Tab and you should see&nbsp;this:</p>
+<p><img alt="hsts" src="/media/images/2012/07/hsts.png" /></p>
+<h2>Step&nbsp;3</h2>
+<p>From there its pretty easy, just type in the site you want to force to <span class="caps">SSL</span> and
+you are&nbsp;done!</p>
+<p><img alt="hsts" src="/media/images/2012/07/add-hsts-domain.png" /></p>
+<p>Do you have any other Chrome security tips? Leave them in the&nbsp;comments!</p>
+ <div class="hero-unit disqus">
+ Tags: <a class="" href="/blog/tags/browser.html">browser</a>, <a class="" href="/blog/tags/security.html">security</a>, <a class="" href="/blog/tags/tip.html">tip</a>. </div>
+ </article> <div class="hero-unit about-block">
+<p><img alt="Mike" src="/media/images/mike.jpg" /> Mike is an ambitious Python/Django Developer, Beer drinker and lover of all things basketball.
+ He is also a curator of <a href="http://pycoders.com">Pycoder&#8217;s Weekly</a>.
+ You can follow him on <a href="http://twitter.com/mgrouchy">Twitter</a> or <a href="http://github.com/mgrouchy">Github</a>.</p></div> <div class="hero-unit disqus">
+<h3 id="comment-header">Comments</h1>
+ <div id="disqus_thread"></div>
+ <script type="text/javascript">
+ /**
+ * var disqus_identifier; [Optional but recommended: Define a unique identifier (e.g. post id or slug) for this thread]
+ */
+ var disqus_shortname = 'mikegrouchy';
+
+ (function() {
+ var dsq = document.createElement('script'); dsq.type = 'text/javascript'; dsq.async = true;
+ dsq.src = 'http://' + disqus_shortname + '.disqus.com/embed.js';
+ (document.getElementsByTagName('head')[0] || document.getElementsByTagName('body')[0]).appendChild(dsq);
+ })();
+</script>
+<noscript>Please enable JavaScript to view the <a href="http://disqus.com/?ref_noscript">comments powered by Disqus.</a></noscript>
+<a href="http://disqus.com" class="dsq-brlink">blog comments powered by <span class="logo-disqus">Disqus</span></a>
+
+</div> </div> <!--! end of .container -->
+ <footer> Copyright 2009-2012 Mike Grouchy
+ </footer>
+ <!-- Javascript at the bottom for fast page loading -->
+ <!-- Grab Google CDN's jQuery, with a protocol relative URL; fall back to local if necessary -->
+ <script src="//ajax.googleapis.com/ajax/libs/jquery/1.5.1/jquery.js"></script>
+ <script>window.jQuery || document.write('<script src="js/libs/jquery-1.5.1.min.js">\x3C/script>')</script>
+
+
+ <!--[if lt IE 7 ]>
+ <script src="js/libs/dd_belatedpng.js"></script>
+ <script>DD_belatedPNG.fix('img, .png_bg'); // Fix any <img> or .png_bg bg-images. Also, please read goo.gl/mZiyb </script>
+ <![endif]-->
+
+ <!-- asynchronous google analytics: mathiasbynens.be/notes/async-analytics-snippet -->
+<script>
+ var _gaq = [['_setAccount', 'UA-1990784-1'], ['_trackPageview']];
+ (function(d, t) {
+ var g = d.createElement(t),
+ s = d.getElementsByTagName(t)[0];
+ g.async = true;
+ g.src = ('https:' == location.protocol ? 'https://ssl' : 'http://www') + '.google-analytics.com/ga.js';
+ s.parentNode.insertBefore(g, s);
+ })(document, 'script');
+</script>
+
+ </body>
+</html>
View
@@ -7,10 +7,45 @@
<link href="/"/>
- <updated>2012-07-18T08:53:21Z</updated>
+ <updated>2012-07-23T09:14:01Z</updated>
<id>http://mikegrouchy.com/blog/atom.xml/</id>
+ <entry>
+ <title type="html">Force websites to use SSL in Google Chrome</title>
+ <author><name>Mike Grouchy</name></author>
+ <link href="http://mikegrouchy.com/blog/2012/07/force-sites-to-use-ssl-in-chrome.html"/>
+ <updated>2012-07-23T09:30:00Z</updated>
+ <published>2012-07-23T09:30:00Z</published>
+ <id>http://mikegrouchy.comblog/2012/07/force-sites-to-use-ssl-in-chrome.html</id>
+ <category scheme="http://mikegrouchy.com/blog/tags'"
+ term="browser"
+ label="Browser" />
+ <category scheme="http://mikegrouchy.com/blog/tags'"
+ term="security"
+ label="Security" />
+ <category scheme="http://mikegrouchy.com/blog/tags'"
+ term="tip"
+ label="Tip" />
+
+ <content type="html">
+ &lt;p&gt;I saw this tip in the comments over at &lt;a href=&#34;http://news.ycombinator.com&#34;&gt;Hacker News&lt;/a&gt; today
+and I thought that this is a great alternative to force &lt;span class=&#34;caps&#34;&gt;SSL&lt;/span&gt; for sites that don&amp;#8217;t have
+it&amp;nbsp;available.&lt;/p&gt;
+&lt;h2&gt;Step&amp;nbsp;1&lt;/h2&gt;
+&lt;p&gt;Navigate to Chrome&amp;#8217;s net internals dashboard by&amp;nbsp;typing&lt;/p&gt;
+&lt;p&gt;&lt;code&gt;chrome://net-internals/&lt;/code&gt; into your&amp;nbsp;browser.&lt;/p&gt;
+&lt;p&gt;You should&amp;nbsp;see:&lt;/p&gt;
+&lt;p&gt;&lt;img alt=&#34;net-internals&#34; src=&#34;/media/images/2012/07/net-internals.png&#34; /&gt;&lt;/p&gt;
+&lt;h2&gt;Step&amp;nbsp;2&lt;/h2&gt;
+&lt;p&gt;Navigate to the &lt;a href=&#34;http://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security&#34;&gt;&lt;span class=&#34;caps&#34;&gt;HSTS&lt;/span&gt;&lt;/a&gt;(&lt;span class=&#34;caps&#34;&gt;HTTPS&lt;/span&gt; Strict Transport Security) Tab and you should see&amp;nbsp;this:&lt;/p&gt;
+&lt;p&gt;&lt;img alt=&#34;hsts&#34; src=&#34;/media/images/2012/07/hsts.png&#34; /&gt;&lt;/p&gt;
+&lt;h2&gt;Step&amp;nbsp;3&lt;/h2&gt;
+&lt;p&gt;From there its pretty easy, just type in the site you want to force to &lt;span class=&#34;caps&#34;&gt;SSL&lt;/span&gt; and
+you are&amp;nbsp;done!&lt;/p&gt;
+&lt;p&gt;&lt;img alt=&#34;hsts&#34; src=&#34;/media/images/2012/07/add-hsts-domain.png&#34; /&gt;&lt;/p&gt;
+&lt;p&gt;Do you have any other Chrome security tips? Leave them in the&amp;nbsp;comments!&lt;/p&gt; </content>
+ </entry>
<entry>
<title type="html">The Setup</title>
<author><name>Mike Grouchy</name></author>
@@ -49,10 +84,11 @@
&lt;li&gt;Magic&amp;nbsp;Mouse&lt;/li&gt;
&lt;li&gt;Apple wireless bluetooth&amp;nbsp;keyboard&lt;/li&gt;
&lt;/ul&gt;
-&lt;p&gt;I don&amp;#8217;t use this too much, as it is the computer my &lt;a href=&#34;http://twitter.com/nicolegrouchy&#34;&gt;wife&lt;/a&gt; uses&amp;nbsp;primarily.&lt;/p&gt;
+&lt;p&gt;I don&amp;#8217;t use this often, as it is the computer my &lt;a href=&#34;http://twitter.com/nicolegrouchy&#34;&gt;wife&lt;/a&gt; uses primarily. I only tend to use it when I
+don&amp;#8217;t feel like slogging around with my laptop at home, or I have left it at the &lt;a href=&#34;http://swixhq.com&#34;&gt;office&lt;/a&gt; or&amp;nbsp;something.&lt;/p&gt;
&lt;p&gt;I have also taken to writing drafts for my blogposts using &lt;a href=&#34;http://gist.github.com&#34;&gt;Github Gists&lt;/a&gt; with my &lt;a href=&#34;http://amzn.to/KLFZrw&#34;&gt;1st Generation &lt;span class=&#34;caps&#34;&gt;32GB&lt;/span&gt; iPad&lt;/a&gt; and the apple bluetooth keyboard. I have found this to be a fantastic way to write a blogpost or a little code while out at a coffee shop or anywhere else when I am on the&amp;nbsp;go.&lt;/p&gt;
&lt;h2&gt;Software&lt;/h2&gt;
-&lt;p&gt;Like I said earlier, I don&amp;#8217;t spend too much time outside the console, but when I do there are the things I couldn&amp;#8217;t live&amp;nbsp;without.&lt;/p&gt;
+&lt;p&gt;Like I said earlier, I don&amp;#8217;t spend too much time outside the console, but when I do these are the things I couldn&amp;#8217;t live&amp;nbsp;without.&lt;/p&gt;
&lt;ul&gt;
&lt;li&gt;&lt;a href=&#34;http://manytricks.com/moom/&#34;&gt;Moom&lt;/a&gt; - This is an awesome app, it allows you to tile windows in &lt;span class=&#34;caps&#34;&gt;OSX&lt;/span&gt;, attach hotkeys to tiling commands and a bunch of other niceties that don&amp;#8217;t exist on&amp;nbsp;&lt;span class=&#34;caps&#34;&gt;OSX&lt;/span&gt;.&lt;/li&gt;
&lt;li&gt;&lt;a href=&#34;http://rd.io&#34;&gt;rdio&lt;/a&gt; - As I mentioned earlier, I use rdio. I listen to music all the time while coding, or thinking or just about anything, so I have rdio going basically all the&amp;nbsp;time.&lt;/li&gt;
@@ -86,7 +122,8 @@
&lt;li&gt;&lt;a href=&#34;http://amzn.to/M3xogV&#34;&gt;Expert Python Programming&lt;/a&gt; - Tarek&amp;nbsp;Zaide&lt;/li&gt;
&lt;/ul&gt;
&lt;p&gt;A bunch of &lt;a href=&#34;http://pycoders.com&#34;&gt;Pycoders&lt;/a&gt;&amp;nbsp;stickers&lt;/p&gt;
-&lt;p&gt;&lt;img alt=&#34;Pycoders Sickers!&#34; src=&#34;/media/images/2012/07/pycoders-stickers.jpg&#34; /&gt;&lt;/p&gt; </content>
+&lt;p&gt;&lt;img alt=&#34;Pycoders Sickers!&#34; src=&#34;http://mikegrouchy.com/media/images/2012/07/pycoders-stickers.jpg&#34; /&gt;&lt;/p&gt;
+&lt;p&gt;Thats about it. What does your setup look&amp;nbsp;like?&lt;/p&gt; </content>
</entry>
<entry>
<title type="html">Broken RSS Links Fixed</title>
View
@@ -7,10 +7,31 @@
<link href="/"/>
- <updated>2012-07-18T08:53:23Z</updated>
+ <updated>2012-07-23T09:14:03Z</updated>
<id>http://mikegrouchy.com/blog/excerpts.xml/</id>
+ <entry>
+ <title type="html">Force websites to use SSL in Google Chrome</title>
+ <author><name>Mike Grouchy</name></author>
+ <link href="http://mikegrouchy.com/blog/2012/07/force-sites-to-use-ssl-in-chrome.html"/>
+ <updated>2012-07-23T09:30:00Z</updated>
+ <published>2012-07-23T09:30:00Z</published>
+ <id>http://mikegrouchy.comblog/2012/07/force-sites-to-use-ssl-in-chrome.html</id>
+ <category scheme="http://mikegrouchy.com/blog/tags'"
+ term="browser"
+ label="Browser" />
+ <category scheme="http://mikegrouchy.com/blog/tags'"
+ term="security"
+ label="Security" />
+ <category scheme="http://mikegrouchy.com/blog/tags'"
+ term="tip"
+ label="Tip" />
+
+ <content type="html">
+
+ </content>
+ </entry>
<entry>
<title type="html">The Setup</title>
<author><name>Mike Grouchy</name></author>
View
@@ -0,0 +1,118 @@
+<!doctype html>
+<!-- https://github.com/paulirish/html5-boilerplate/blob/master/index.html -->
+<!-- paulirish.com/2008/conditional-stylesheets-vs-css-hacks-answer-neither/ -->
+<!--[if lt IE 7 ]> <html lang="en" class="no-js ie6"> <![endif]-->
+<!--[if IE 7 ]> <html lang="en" class="no-js ie7"> <![endif]-->
+<!--[if IE 8 ]> <html lang="en" class="no-js ie8"> <![endif]-->
+<!--[if (gte IE 9)|!(IE)]><!--> <html lang="en" class="no-js"> <!--<![endif]-->
+<head>
+ <meta charset="">
+
+ <!-- Always force latest IE rendering engine (even in intranet) & Chrome Frame
+ Remove this if you use the .htaccess -->
+ <meta http-equiv="X-UA-Compatible" content="">
+
+ <!-- encoding must be specified within the first 512 bytes
+ www.whatwg.org/specs/web-apps/current-work/multipage/semantics.html#charset -->
+
+ <!-- meta element for compatibility mode needs to be before
+ all elements except title & meta
+ msdn.microsoft.com/en-us/library/cc288325(VS.85).aspx -->
+ <!-- Chrome Frame is only invoked if meta element for
+ compatibility mode is within the first 1K bytes
+ code.google.com/p/chromium/issues/detail?id=23003 -->
+
+ <title></title>
+ <meta name="description" content="">
+ <meta name="author" content="Mike Grouchy">
+
+ <!-- Mobile viewport optimized: j.mp/bplateviewport -->
+ <meta name="viewport" content="">
+
+ <!-- Place favicon.ico & apple-touch-icon.png
+ in the root of your domain and delete these references -->
+ <link rel="shortcut icon" href="/favicon.ico">
+ <link rel="apple-touch-icon" href="/apple-touch-icon.png">
+
+ <link rel="alternate" type="application/rss+xml" title="MikeGrouchy.com RSS Feed" href="http://feeds.feedburner.com/mikegrouchycom" />
+
+ <link rel="stylesheet" href="/media/css/bootstrap.min.css">
+ <link rel="stylesheet" href="/media/css/site.css">
+ <link rel="stylesheet" href="/media/css/syntax.css">
+ <link href='http://fonts.googleapis.com/css?family=Alike' rel='stylesheet' type='text/css'>
+ <link href='http://fonts.googleapis.com/css?family=Wellfleet' rel='stylesheet' type='text/css'>
+ <link href='http://fonts.googleapis.com/css?family=Allerta' rel='stylesheet' type='text/css'>
+
+ <!-- All JavaScript at the bottom, except for Modernizr which
+ enables HTML5 elements & feature detects -->
+ <script src="/media/js/libs/modernizr-1.7.min.js"></script>
+ </head>
+<body id="browser">
+ <div class="topbar ">
+ <div class="topbar-inner topbar-override">
+ <div class="container container-expand">
+ <a class="brand btitle" href="http://mikegrouchy.com">Mike Grouchy</a>
+ <ul class="nav">
+ <li class=""><a href="http://mikegrouchy.com">Home</a></li>
+ <li class=""><a href="/about.html">About</a></li>
+ <li class=""><a href="http://feeds.feedburner.com/mikegrouchycom">Feed</a></li>
+ </ul>
+ </div>
+ </div>
+ </div>
+ <div class="container container-expand">
+ <section class="archives">
+<h1 class="tag title">browser</h1>
+<ul class="posts clear">
+<li class="post clear">
+ <time datetime="2012-07-23">
+ Mon, 23 Jul 2012
+ </time>
+ <a href="/blog/2012/07/force-sites-to-use-ssl-in-chrome.html">Force websites to use SSL in Google Chrome</a>
+ <ul class="tags">
+ <li>
+ <a class="small" href="/blog/tags/browser.html">
+ browser
+ </a>
+ </li>
+ <li>
+ <a class="small" href="/blog/tags/security.html">
+ security
+ </a>
+ </li>
+ <li>
+ <a class="small" href="/blog/tags/tip.html">
+ tip
+ </a>
+ </li>
+ </ul>
+ </li></ul>
+</section>
+ </div> <!--! end of .container -->
+ <footer> Copyright 2009-2012 Mike Grouchy
+ </footer>
+ <!-- Javascript at the bottom for fast page loading -->
+ <!-- Grab Google CDN's jQuery, with a protocol relative URL; fall back to local if necessary -->
+ <script src="//ajax.googleapis.com/ajax/libs/jquery/1.5.1/jquery.js"></script>
+ <script>window.jQuery || document.write('<script src="js/libs/jquery-1.5.1.min.js">\x3C/script>')</script>
+
+
+ <!--[if lt IE 7 ]>
+ <script src="js/libs/dd_belatedpng.js"></script>
+ <script>DD_belatedPNG.fix('img, .png_bg'); // Fix any <img> or .png_bg bg-images. Also, please read goo.gl/mZiyb </script>
+ <![endif]-->
+
+ <!-- asynchronous google analytics: mathiasbynens.be/notes/async-analytics-snippet -->
+<script>
+ var _gaq = [['_setAccount', 'UA-1990784-1'], ['_trackPageview']];
+ (function(d, t) {
+ var g = d.createElement(t),
+ s = d.getElementsByTagName(t)[0];
+ g.async = true;
+ g.src = ('https:' == location.protocol ? 'https://ssl' : 'http://www') + '.google-analytics.com/ga.js';
+ s.parentNode.insertBefore(g, s);
+ })(document, 'script');
+</script>
+
+ </body>
+</html>
Oops, something went wrong.

0 comments on commit cd0ceee

Please sign in to comment.