CodeClarityLab / Glossary
Ctrl K
← CodeClarityLab Home
Browse by Category
+ added · updated 7d
⚖ Terms of Use

Tag: browser

26 terms of 1448 total · page 1 of 2

🤖 AI Guestbook — #browser educational data only
| |
Last 30 days
1 ping — 2026-04-16 T 3 pings — 2026-04-17 F 4 pings — 2026-04-18 S 11 pings — 2026-04-19 S 3 pings — 2026-04-20 M 2 pings — 2026-04-21 T 5 pings — 2026-04-22 W 5 pings — 2026-04-23 T 11 pings — 2026-04-24 F 22 pings — 2026-04-25 S 12 pings — 2026-04-26 S 2 pings — 2026-04-27 M 6 pings — 2026-04-28 T 2 pings — 2026-04-29 W 14 pings — 2026-04-30 T 16 pings — 2026-05-01 F 12 pings — 2026-05-02 S 14 pings — 2026-05-03 S 2 pings — 2026-05-04 M 2 pings — 2026-05-05 T 5 pings — 2026-05-06 W 17 pings — 2026-05-07 T 9 pings — 2026-05-08 F 30 pings — 2026-05-09 S 17 pings — 2026-05-10 S 1 ping — 2026-05-11 M 3 pings — 2026-05-12 T 5 pings — 2026-05-13 W 4 pings — Yesterday T 12 pings — Today F
Agents 12
Perplexity 1Amazonbot 1
Amazonbot 190Perplexity 148Google 68ChatGPT 67Unknown AI 46Ahrefs 46Claude 40SEMrush 37Bing 9Majestic 7Qwen 4Meta AI 2
Most referenced — #browser
Fetch API & HTTP Requests 3Preload, Prefetch & Preconnect 1Critical Rendering Path 1Session Riding 1Web Storage, IndexedDB & Cookies 1DNS Rebinding Attack 1DOM-Based XSS 1SameSite Lax Bypass 1
Session Riding 1DNS Rebinding Attack 1DOM-Based XSS 1Fetch API 1
SameSite Cookie Attribute 78Fetch API & HTTP Requests 34DOM-Based XSS 32Cross-Site Request Forgery (CSRF) 32Cross-Site Scripting (XSS) 31Content Security Policy (CSP) 30HTTP Security Headers 30Preload, Prefetch & Preconnect 29
How they use it
crawler 605 crawler_json 48 pre-tracking 11
Tag total664 pings Terms pinged26 / 26 Distinct agents11
Sort A → Z Recently Added Recently Updated Difficulty Most Viewed Most Rated Most Shared
Level All Beginner Intermediate Advanced Tag: browser
A B C D E F G H I J K L M N O P Q R S T U V W X Y Z
DOM Clobbering
Attack where injected HTML elements with controlled `id` or `name` attributes overwrite JavaScript globals or document properties, weaponising script-less HTML injection into code execution.
CWE-79 OWASP A3:2021
2w ago security advanced 6.5
ES Modules (ESM) ES2015
The official JavaScript module system — import and export statements enable static dependency graphs, tree-shaking, and native browser module loading without a bundler.
1mo ago javascript intermediate
Fetch API ES2015
The browser-native Promise-based API for making HTTP requests — replacing XMLHttpRequest with a cleaner interface supporting streaming, CORS, and request/response objects.
1mo ago javascript beginner
WebAssembly (Wasm)
A binary instruction format that runs at near-native speed in the browser and on servers — enabling C, Rust, and Go code to run alongside JavaScript without plugins.
2mo ago frontend advanced
CORS — Cross-Origin Resource Sharing PHP 7.0+
A browser security mechanism that blocks JavaScript from making HTTP requests to a different origin — PHP APIs must send specific headers to allow cross-origin requests from permitted frontend origins.
2mo ago security intermediate
Import Maps ES2020
Import maps let browsers resolve bare module specifiers (import 'lodash') without a bundler — mapping module names to URLs in a JSON script tag.
2mo ago javascript intermediate
requestAnimationFrame — Smooth Animations HTML5
requestAnimationFrame(callback) schedules a function to run before the browser's next repaint — the correct way to animate in JavaScript, producing smooth 60fps motion and automatically pausing when the tab is hidden.
2mo ago javascript intermediate
Clickjacking PHP 5.0+
A malicious page overlays an invisible iframe over your site, tricking users into clicking UI elements they cannot see.
CWE-1021 OWASP A4:2021
2mo ago security intermediate 6.5
Clickjacking & CSP frame-ancestors PHP 5.0+
Tricking users into clicking hidden UI elements by overlaying a transparent iframe — prevented by CSP frame-ancestors or the X-Frame-Options header.
CWE-1021 OWASP A4:2021
2mo ago security intermediate 6.1
Diagram: Content Security Policy (CSP) Content Security Policy (CSP) PHP 5.0+
An HTTP response header that restricts which scripts, styles, and resources the browser is allowed to load.
2mo ago security intermediate
CORS Misconfiguration PHP 5.0+
Overly permissive Cross-Origin Resource Sharing headers allow malicious sites to read sensitive API responses.
CWE-942 OWASP A5:2021
2mo ago security intermediate 7.5
Diagram: Critical Rendering Path Critical Rendering Path
The sequence of steps the browser takes to convert HTML, CSS, and JavaScript into pixels on screen — optimising it reduces Time to First Paint and LCP.
2mo ago frontend advanced
DNS Rebinding Attack PHP 5.0+
An attacker tricks a browser into associating their malicious domain with an internal IP, bypassing same-origin policy to reach internal services.
CWE-350 OWASP A1:2021
2mo ago security advanced 8.8
DOM-Based XSS ES5
Malicious script is injected and executed via the browser DOM without any server-side involvement.
CWE-79 OWASP A3:2021
2mo ago security intermediate 6.1
Diagram: Fetch API & HTTP Requests Fetch API & HTTP Requests ES2015
The modern browser API for HTTP requests — Promise-based, streaming-capable, and replacing XMLHttpRequest in all new code.
2mo ago javascript beginner
HTTP Security Headers PHP 5.0+
A set of HTTP response headers that instruct browsers to enforce security policies, reducing XSS, clickjacking, and data leakage risks.
CWE-16 OWASP A5:2021
2mo ago security beginner
HTTP Strict Transport Security (HSTS) PHP 5.0+
A response header that instructs browsers to always connect via HTTPS for a specified duration, preventing protocol downgrade attacks.
CWE-319 OWASP A5:2021
2mo ago security beginner
Preload, Prefetch & Preconnect HTML5
Browser resource hints that instruct the browser to fetch resources earlier than it would discover them — reducing latency for critical assets and future navigation.
2mo ago frontend intermediate
SameSite Cookie Attribute PHP 7.3+
A cookie attribute controlling whether the browser sends a cookie with cross-site requests, providing strong CSRF mitigation.
CWE-352 OWASP A1:2021
2mo ago security intermediate
SameSite Lax Bypass PHP 7.3+
SameSite=Lax still sends cookies on top-level GET navigations — attackers can exploit this with GET-based state-changing endpoints.
CWE-352 OWASP A1:2021
2mo ago security advanced 6.5
✓ schema.org compliant