I recently created a web-accessible intranet site for a customer (it's an internal business application, but hosted on an external shared host so has a "public" domain name). It's SSL-secured and password protected. Today a user reported a page within the site being flagged by Norton Safeweb (a browser plug-in) with the heading "Scam Insight: Personal Information Risk". It's a full-screen warning that says the site is "not well established with the Norton Community. Use caution when entering" and has a large button "Exit site" and a smaller link "Continue to site".
It seems Norton "rate" sites and the extension dynamically blocks access to sites they - Norton - have not whitelisted. There's a (very buggy) process to register as the owner of a site (which involves uploading an encoded HTML file - god knows what it contains - and then getting Norton to verify), however registration as owner does not in itself whitelist the site. You need to explicitly request assessment (which I've done) but it can take a while, and it seems that if they then deem your site "unsafe" that they will continue to block it. There's a dispute resolution process but it seems people spend a lot of time fighting inappropriate ratings from Norton.
This is unilateral censorship of the web, without explanation of what any issue is. (Other virus checkers may warn about a mismatched or expired SSL cert, for example, but the warnings are generally explicit about the problem, and there is a clear issue). Norton don't make any attempt to notify a site owner if they block access to it unless the site owner has registered. It doesn't apply in this case, but suppose I'd spent marketing dollars driving potential clients to a commerce site - I'd be losing both visitors and income.
Am I over-reacting about this? Does it seem fair? What are other people's experience with Norton SafeWeb, and does anyone know what they're even looking for??
Basically answering my own question, so that this maybe helps others that came across this.
So after doing more research, I found out that by reusable CSS:
"There are some significant shortcomings that makes CSS difficult for reusability, modularity, and maintainability. Features like nested selectors can be tempting to use but lead to brittle, difficult to maintain code that doesn’t stand up well to changes in the HTML. There also isn’t a single standard to use when making organization decisions for your CSS. However there are some methodologies that are commonly used to organize CSS at scale.
If the parent element is in the correct position, you don't need to do anything to the child elements. They'll automatically be positioned within the parent element. If you position then and add top and left values to them, those values will be relative to the parent element, not the document.
What's the consensus on the security of using a webservice (asmx) for general database entry? Secure, not secure, better than using .NET SQLDatasource? Interested in feedback and if there's anything better that I can use.
".45 ACP - because shooting twice is just silly" - JSOP, 2010 ----- You can never have too much ammo - unless you're swimming, or on fire. - JSOP, 2010 ----- When you pry the gun from my cold dead hands, be careful - the barrel will be very hot. - JSOP, 2013