Joshua Rogers' Scribbles
Joshua Rogers' Scribbles
Joshua Rogers
Personal blog talking about technology, travel, and life.
Latest Posts
Always ‘Copy Clean Link’ when possible on Firefox, with userChrome.css
In my last two posts, I outlined how to clean up the right-click menu in Firefox to remove useless buttons, using either about:config or userChrome.css, respectively. One of my...
Making Firefox’s right-click not suck, even more, with userChrome.css
Cleaning up right-click with userChrome.css In my previous post, I wrote about using Firefox’s about:config to cut the right-click menu from a massive 26 buttons down to just...
Making Firefox’s right-click not suck with about:config
On a fresh installation of Firefox on MacOS, right-clicking an image while some text on the page is highlighted (to show as many buttons as possible) looks like so: Freshly...
Today I learnt about the NS_ERROR_INVALID_CONTENT_ENCODING error (or “Content Encoding Error”) in Firefox, which started popping up in my Network tab while trying to access...
From gixy-ng to Gixy-Next: rescuing the nginx security scanner, Gixy, from AI slop
I recently decided to fork and maintain a new version of the Gixy nginx security tooling, calling my fork Gixy-Next. The official website is https://gixy.io/, and the source...
This year, I’ve reported more issues via bug bounties than perhaps the past 10 years combined. The issues were all in completely random places, and the only reason they were...
Some time ago, a friend of mine and I hired a helicopter to fly us from Vienna to Wrocław. The story regarding this is, in my humble opinion, extremely funny, albeit long....
Another AI slop story: ChatGPT vs. Human
In my last two posts, I outlined different stories about my experiences dealing with developers that had offloaded their work to low-quality LLMs, resulting in frustrating...
AI slop security engineering: Okta’s nextjs-auth0 troubles
In October, I reported two security issues to Okta’s auth0/nextjs-auth0 project, here and here. The latter bug, an oauth parameter injection, allows for a range of types of...
Gixy-Next: an overview of a Gixy fork with updated, improved, and new checks
From gixy to Gixy-Next gixy is an old static analyzer for nginx configurations, which allows the operator to automatically discover vulnerabilities in statis nginc files. It...