CSS - Style Sheets

Web page design or development is an interesting task. It should be more interest, if it is done for yourself. I learn HTML ten years back. At that time, Tag and Element were new to me. I started my web page at htmlplanet. I did not know much about CSS. I tried to learn CSS from W3Schools. It helped me for the blog. I used CSS to put my code and it is showing nicely in a box.

CSS stands for Cascading Style Sheets. By using CSS, we can extend the HTML Tags. It can reduce the inconsistency.Style sheets are expanding the ability to improve the appearance of web pages. Element by element,you can define the way you want things to look in a style sheet. Your paragraphs will all take on the formatting you associate with the P element in your style sheet. If you want to define more than one look for an element, you can create classes of an element and assign the classes to the elements when you define them in the pages.

Advantages:

1. Easy maintenance


2. Making changes to the layout


3. Pages load faster


4. Consistency


5. Saves time

Disadvantages:

Browsers have varying levels of compliance with Style Sheets. This means that some Style Sheet features are supported and some are not.

Security Testing - Webscarab tool

Webscarab is a freeware. By using webscarab, we can do security testing for CSS and SQL injection. The URL is available here -> http://www.owasp.org/index.php/Category:OWASP_WebScarab_Project

WebScarab is a framework for analysing applications that communicate using the HTTP and HTTPS protocols. It is written in Java, and is thus portable to many platforms. WebScarab has several modes of operation, implemented by a number of plugins. In its most common usage, WebScarab operates as an intercepting proxy, allowing the operator to review and modify requests created by the browser before they are sent to the server, and to review and modify responses returned from the server before they are received by the browser. WebScarab is able to intercept both HTTP and HTTPS communication.

Penetration testing is a method of evaluating the security of a computer system or network by simulating an attack by a malicious user, known as a cracker. The process involves an active analysis of the system for any potential vulnerabilities that may result from poor or improper system configuration, known and/or unknown hardware or software flaws, or operational weaknesses in process or technical countermeasures.