usability – When an accordion or collapsible panel is open, are there any concerns with having the header BELOW the panel?

While I understand your read on why the header would go under the panel; the opposite visualisation can follow the same animation “principle” and make the same amount, if not more, visual sense.

Think of an actual accordion being held sideways by someone. The “header at the bottom” logic would have the bottom half of it being pulled down to show the “folded” part; while the “header at the top” logic would be the same accordion being “unclasped”, which would make the bottom half just fall down to show the folds (panel). So, from the get-go, I’d argue that the “header at the top” relationship is connected in a more natural and effortless way to its physical world counterpart.

Putting that aside, having the text that titles something at the bottom of that something goes pretty head-on against a left-to-right, top-to-bottom reading and hierarchy pattern. A title, or a “header”, goes at the top of a content to give it a name and context (hence the name). In short, having a “head” at the feet is a big no-no in my opinion.

What might be throwing you off is the arrow element being used to expand the panel. Consider other options:

Arrow on the left pointing to the header title

Arrow on the left pointing to the header title

Expands to an arrow pointing down. The selected header gets highlighted and the physical relationship between the header and the panel that shows up “under” it can be reinforced by indentation or a shadow

enter image description here

Another option is using the +/- signs

enter image description here

Regardless of the chosen element to indicate expansion, I’d strongly recommend not putting the header at the bottom. Besides what I just mentioned, if you have a lot of items in your panel, the header might go under the scroll line; so I would be looking at a list of items in a panel without knowing their title (context). You could use an internal scroll on the panel, but scrolling up and down a list that has its title on the bottom still feels very odd.

Well, those are my two cents, hope it helps.

"Request header field CSRFToken is not allowed by Access-Control-Allow-Headers"

I had a cors issue.

I tried to set access-control-allow-origin to my own domain, to all "*", inside functions.php, inside htaccess, setting cors in my AJAX call, adding headers in my AJAX call, adjusting async, contentType, dataType, cache, etc.

http – Should I check Host header or ServerName for CSRF defense?

In a CSRF defense based on checking forbidden headers, should I check Origin/Referer header against the ServerName configuration directive, or is it sufficient to simply check against the HTTP Host header? What are the characteristics of the client-server interaction in link (anchor href), form, and XHR -based attack scenarios?

I’m asking because I’m trying to make my application ready for proxies. Load balancer on public networks are one of the many possible use cases, but local ssl/tls wrapper is more urgent as we need to test WebCrypto API usages in secure contexts.

Warning: Unnecessary HSTS header over HTTP

we would like to add the HSTS header to our page https://www.wipfelglueck.de
Our page is running on a shared server, so we don’t have access to the httpd.conf. We tried to enable this header via the .htaccess file like this:

<ifmodule mod_headers.c>
  DefaultLanguage de
  Header set X-XSS-Protection "1; mode=block"
  Header set X-Frame-Options "sameorigin"
  Header set X-Content-Type-Options "nosniff"
  
  Header set X-Permitted-Cross-Domain-Policies "none"
  
  Header always set Strict-Transport-Security "max-age=31536000; includeSubDomains; preload"
  
  Header set Referrer-Policy: no-referrer
  
  <FilesMatch ".(js|css|xml|gz)$"> 
    Header append Vary Accept-Encoding 
  </FilesMatch> 
   
  <filesMatch ".(ico|jpg|jpeg|png|gif|webp)$">
   Header set Cache-Control "max-age=2592000, public"
  </filesMatch>
  <filesMatch ".(css|js|json|html)$">
   Header set Cache-Control "max-age=604800, public"
  </filesMatch>
</IfModule>

When we check the page we receive the warning in subject with this text:
“The HTTP page at http://wipfelglueck.de sends an HSTS header. This has no effect over HTTP, and should be removed.”

I tried some ways to solve this, but was not successful so far. In the web I can’t find a solution, so I would be happy if you could give me a hint on this!

Thank you very much!!

footer – Header won’t appear when I open the Excel file on share point, because on the VIEW menu only the NORMAL view exists. How can I add Page Layout View

I have created an Excel file with Header and Footer and I can view the Header and Footer using the Page Layout view when opening the file in my computer,
I upload the same file on sharepoint and open it on sharepoint, I can not see the header and Footer, because only Standard ( or normal) View is available on Excel in Sharepoint.

How can I add the Page Layout view to Excel on Sharepont Excel.
I am not the admin and I am not a programmer.

Thank you!
Armin

enter image description here

php – using add_action for a header hook that has an additional parameter

The theme I’m using has a hook inside header.php file to separate the header into two parts, left & right. I want to add some content into the right section but I don’t understand how can I add the additional parameter when using add_action(). Code as below,

do_action( 'sinatra_header_widget_location', 'left' );
            get_template_part( 'template-parts/header/logo' );
            do_action( 'sinatra_header_widget_location', 'right' );

How can I pass 'right' parameter into add_action? my funcions.php looks like:

add_action('sinatra_header_widget_location', 'my_custom_function');
function my_custom_function() {
    echo 'test';
}

Is normal that a web site which use OpenID as SSO sends all the cookie without samesite header?

Is normal that a web site which uses OpenID as SSO sends all the cookie without samesite header?
Is this required in order to make OpenID work correctly?

How to hide the column header of a sharepoint document library in Sharepoint Online?

How can I hide the column header of a sharepoint document library in Sharepoint Online.

Gr. P

e commerce – what quantity to display in the header shopping cart icon

For an e-commerce site, in the header you have the cart icon, with the quantity of items in the cart displayed.

What is the best number to show as the quantity? Should you show the number of unique items, or the number of total items.

e.g. if you have 2 x hats, and 3 x shoes in a cart, should you show the items as 2 (hats + shoes), or 5 (2 hats + 3 shoes)?

Are there such thing as header files in unity/C#?

There is no such thing as a header file in C#, but cs files can do what you need.

Size.cs

public enum Size {
    Small,
    Medium,
    Large
}

DamageAttributes.cs

public class DamageAttributes {
    // TODO: implementation
}

(I made these files separate to show that they can stand alone, without an associated owner class grouping them, and so it’s easy to find the file containing eg. Size – it’s the file with the same name! But of course you could lump these definitions together into one common file if you preferred)

You don’t need to manually include these files in your Sword and Spear class files. By default, anything public that you haven’t put into a specific namespace ends up in your default project assembly namespace, and can be referenced from any other file in your assembly without an extra using directive.

Of course, you could choose to place them inside a namespace if you’d like to do so for organization, like…

DamageAttributes.cs

namespace Weapons {
    public class DamageAttributes {
        // TODO: implementation
    }
}

Then you can reference the type with the qualified name Weapons.DamageAttributes or pull in the whole namespace (which might have its contents defined across multiple different source files) with a using Weapons; directive.