Top # Search Engines List For Webmasters

Top Search Engines List

Web search engine is a software which crawls whole internet and indexes (stores) to make World wide web available to you at your finger tips.

Regardless of who(audience) you are targeting either domestic(local) or global . To better reach you audience you need to do SEO (Search Engine Optimization). Search engines crawl internet by following links they encounter but we can speed up things by feeding these search engines manually using web master tools they offer.

If you really care about global exposure and getting traffic from across the glob don’t just limit your self by one search engine. Optimize your site for multiple search engines & multiple languages.


Well, well. I think google needs no introduction. Google is the most popular search engine in the world with highest search engine mark share.

Google search console(and google analytics) is the go to place for webmaster to manage their properties, submit sitemaps and monitor traffic.

Google webmaster tools

Google Search Console

Google search console tools & reports will help you to submit/update sitemap, analyse and measure search traffic, spot search trends, measure performance, identify issues, monitor search impressions/click trough rate and fix issues. More than anything google search console helps you to make sure your site is visible in google search results.

Google Analytics

Google analytics is a service that provides statics and analytical tools for Search Engine Optimization (SEO). It is lot powerful than it seems. Google analytics can be used to monitor site traffic and optimize websites for both users and search engines.


Bing is the search engine which is owned by Microsoft. Bing is decedent of it’s previous search engines “MSN Search”, “windows live search” and “Live Search”, these search engines were replaced by (re-branded as ) Bing. Microsoft officially replaced Live Search by Bing on 2009. Now, bing is one of biggest search engine competing with google and others. As of 2019 it is in second place with market share 2.41%.

Big Webmaster Tools

Bing webmaster tools are like google search console and google analytics. Use Bing webmaster tools to submit your website and it’s sitemap to get indexed by Bing.

Add your site and verify against Bing to start monitoring your search appearances.

Yahoo Yahoo Search

Yahoo! search engine is owned by american company yahoo which was launched in 1995. As of 2019 Yahoo reserves 3rd place in search engine market share after Bing. Yahoo and Microsoft had a deal in 2009 where yahoo search would be powered by Bing. Yahoo launched it’s localized versions in many countries.

As of writing this article Yahoo! doesn’t offer any webmaster tools or portal to manage websites since it uses Bing behind. Adding your site on Bing would help.


Baidu is the biggest popular search engine in China. It is china’s local search engine. Because of the fact that china having so many internet consumers. Search engine baidu stands fourth in a row after yahoo according to market share.


Yandex is the web search engine in Russia which is owned by Russian corporation Yandex. Yandex search engine is a strong competitor for google in Russia. As of 2019 Yandex is in 4th place after Baidu according to it’s market share.

Yandex Webmaster

Yandex Webmaster is the portal where you can submit sitemap, monitor search engine appearance, stats and performance.


The web search engine DuckDuckGo known as DDG . Which is known as DuckDuckGo the search engine that doesn’t track you. DuckDuckGo is getting popular, more and more people are using it who are concerned about privacy and online tracking. It is minimalistic, doesn’t store personal information, doesn’t follow with ads and tracking. Since it doesn’t track, it won’t provide an personalized search results.

As of 2019 DuckDuckGo has market share of 0.41%. DDG gets revenue from Yahoo-Bing Search alliance network and affiliate links.

The search engine DuckDuckGo doen’t offer any webmaster tools to submit your website. Submitting your site and sitemap at Google and Bing would help. Duckduckgo uses multiple search sources to index, once your site is picked by other search engines, it will show up on DuckDuckGo as well.

The Naver is a regional web search engine which is quite popular and ranked first in South Korea. Naver has more than 72% of market share in South Korea. Naver offers other suite of tools including web search like translation service etc.

Naver Featured Services Naver Webmaster Tools

Seznam Search is the regional search engine which serves “Czech Republic” and “Slovakia”. It is founded in 1996 which offers 15+ other services along with internet search. Seznam is the strongest competitor in Czech Republic for google. Seznam ranks second after google in Czech Republic.

Other Regional Search Engines

Japan: Goo Israel: Walla

How to interact with the clipboard using JavaScript

Clipboard - Copy, Cut and Paste Using JavaScript

It’s never been a easier job to copy the text programmatically with in the browser. We use to rely on flash to get it done. Good news, now we have more than couple of ways to interact with clipboard using JavaScript.

Clipboard is a data buffer which is used to store the data for a short-period of time to perform operations like cut, copy and paste. Here are the ways that you can choose to operate with clipboard for cut, copy and paste operations.

Interact with clipboard using document.execCommand

document.execCommand API allows us to run commands on editable regions like form inputs and contenteditable elements. Visit commands of document.execCommand to find out all supported commands. We would use commands “copy”, “cut” and “paste” to interact with system clipboard.

document.execCommand is an old API compared to Async Clipboard API yet supported by most browsers.

Using document.execCommand for cut, copy & paste operation is limited to copying the selected text only

All document.execCommand calls must take place inside short-living event handlers of user actions like mouse click, keypress etc. Any kind of special permission is not required if document.execCommand is executed inside event handlers(as a result of user action, ex: mouse click). If it is called outside the event handlers, behavior depends on browser implementation, on Firefox this command will not execute and you will see error in the console

document.execCommand(‘cut’/‘copy’) was denied because it was not called from inside a short running user-generated event handler.

Copying text of given element using command.execCommand

Let’s see how to copy textContent of a given element using command.execCommand

function copyContent(elementID) {
const ele = document.getElementById(elementID);;

// Assume id of button is copy and id of input element is input
document.querySelector("#copy").addEventListener("click", e => copyContent("input"))

As you can see above code, we have selected content of given element first then called document.execCommand(‘copy’) to copy followed by blur to deselect text.

Cut content from input or contentEditable elements

Process is same as copy but pass “cut” as an argument instead of “copy” to document.execCommand function call.

function cutContent(elementID) {
const ele = document.getElementById(elementID);;

// Assume id of button is cut and id of input element is input
document.querySelector("#cut").addEventListener("click", e => cutContent("input"))

The paste command document.execCommand(‘paste’) is not supported by most of the browsers because of possible security concerns

See the Pen Clipboard document.execCommand by neotam (@neotam) on CodePen.

Copy text to clipboard using document.execCommand

If you want to put some random text into clipboard instead of selected content of the element, you have to create a temporary element, append it to document body, select it and then execute copy command. Since document.execCommand(‘copy’) only copies selected text /nodes from the DOM.

function copyToClipboard(text){
const ele = document.createElement('textarea');
ele.value = text;
ele.setAttribute('readonly', true)
// Following styling is to avoid flashing textarea on screen = 'absolute'; = 0; = 'transparent'; = 'none'; = '-100%';
const textToCopy = "Hello! I got Copied";
document.getElementById('copy').addEventListener('click', e => copyToClipboard(textToCopy))

See the Pen clipboard document.execCommand copyToClipboard by neotam (@neotam) on CodePen.

Asynchronous Clipboard API

This is recent addition to the specification, which seems more matured. Async clipboard API provides asynchronous access to the clipboard to read and write text directly so called Async Clipboard API . Unlike document.execCommand this one need permissions to interact with clipboard

This Clipboard (Async Clipboard API) only works in secure context, i.e only on HTTPS

Navigator exposes the system clipboard through property Navigator.clipboard

All methods of Clipboard or navigator.clipboard returns Promise . Which will be resolved if operation on clipboard is successful else it will rejected if there is any kind of error or clipboard access is denied because of permissions.

Following are PermissionNames related to Async Clipboard API, which are passed to navigator.permissions.query to request or check the permission.

  • clipboard-write
  • clipboard-read

Write to clipboard using navigator.clipboard

Clipboard has following two method to write data/text into clipboard

  • write()
  • writeText()

These methods trigger asynchronous operation and returns Promise which will be resolved on success else rejected on failure(possible if access denied)

Following simple function demonstrates using of navigator.clipboard which takes text and writes into the clipboard.

function writeToClipboard(text) {
result => {
console.log("Successfully copied to clipboard", result)
err => {
console.log("Error! could not copy text", err)

You can use the above function directly or you can wrap another function around it which tests for (permissions)access before calling this function

Checkout above code in action at write to clipboard using Async Clipboard API

Read from clipboard using navigator.clipboard

navigator.clipboard(Clipboard) has following two methods which are used for reading data/text from clipboard

  • read
  • readText

This following function uses navigator.clipboard.readText to read copied text from clipboard. Browser might prompt the user for permission to grant access to clipboard to read text.

Clipboard Events

We can listen for the “copy”, “cut” and “paste” events on document to override what is being copied and what is being pasted. This is useful when you want to apply formatting(or filter) to text while it goes to clipboard or comes out of clipboard

Override the copy event

document.addEventListener('copy', function(e) {
e.clipboardData.setData('text/plain', 'Hello! Welcome');
e.clipboardData.setData('text/html', '<b>Hello, Its copy override!</b>');

Override the cut event

document.addEventListener('cut', function(e) {

e.clipboardData.setData('text/plain', 'Hello! Welcome');
e.clipboardData.setData('text/html', '<b>Hello, Its copy override!</b>');

//Since we are overriding cut operation and preventing default we need
// to manullay remove the selecte text

Override the paste event

document.addEventListener('paste', function(e) {
if (e.clipboardData.types.indexOf('text/html') > -1) {
var oldData = e.clipboardData.getData('text/html');
var newData = '<b>Oh Yeah!</b> ' + oldData;

To prevent user from performing copy, cut and paste operation on particular element. Add “return false” to event handlers on that corresponding element.

<div oncopy="return false" oncut="return false" onpaste="return false"> </div>

Clipboard Library

If you are a library freak and don’t mind using Vanilla JavaScript . Here is the clipboard library for you

Install Javascript clipboard library using npm

npm install clipboard --save 

How to use this library is out of scope of this article. I will leave it to you, you may find more if you head over to npm clipboard

Cross-Origin Resource Sharing (CORS) Explained

Cross Origin Resource Sharing

Cross-Origin Resource Sharing (CORS) is the mechanism to allow content loaded from one (main) origin to access the selected resources available from servers at different origin. This mechanism of accessing resources at different origin is called CORS (Cross-Origin Resource Sharing). This is possible by making use of additional HTTP headers by both browser and Cross Origin server.

CORS is the mechanism among others to relax the browsers Same-Origin Policy

Let’s see what is Same-Origin Policy, and how CORS is used to relax this restriction

If you are excited to read through whole article 👍, else jump on to ,

What is Origin ?

HTTP Origin Explained

An Origin can be defined as combination of Protocol, domain and port . We can also use URI Scheme instead of protocol, like wise hostname instead of domain. The origin describes the origin/location from which the document is loaded. You can access the origin of document in JavaScript as follows


If port is not mentioned it defaults to 80 . Origin of a document won’t be changed once browser loads a main page/document from the server. On the other hand Origin is also the HTTP Request Header . Which is used to describe the origin of XHR or fetch requests, which is obviously the origin of the document from which script is making requests. Origin header is sent with CORS requests including POST requests. As we have seen above, origin is the combination of Protocol, domain/host and port. Origin doesn’t include any path, port is optional(omitted) if it is 80 .

The Origin header describes from which origin the HTTP requests are coming from to the Cross(different) Origin Server. The Cross Origin server acts based on the kind of Origin header it receives.

What is Same-Origin Policy? Why it is Important ?

Let’s see little bit about Same-Origin Policy before we jump on to CORS which is there to relax it.

The Same-Origin Policy is a security mechanism under which the browser imposes the restriction on scripts running on a document loaded from one origin from accessing the data from another origin. This policy is critical in web security model which prevents malicious scripts running on one document from obtaining access to data on another document of different origin through DOM. It is important, since HTTP is a stateless and connectionless protocol, cookies are used to keep track of the state.

This restriction is only applied to the scripts running on a document from making requests to different origin. But not to the embedded resources like images, CSS and scripts.

Let’s see simple example, what if there is not same-origin policy

Let’s assume you visited a banking website and still logged in. And also assume you went to the website which has some malicious JavaScript code, this could be in a different tab or same tab or different window but same browser. Because you are still logged in on the banking website, the malicious script running on different origin can impersonate you by sending requests to banking site which is at different origin. Since it can do any thing as you could do on the banking site. It can transfer amount, make payments and even download the transaction history. This all happens because the browser sends and receives cookies to/from the banking site based on its domain.

Well, you visiting the malicious site may think it has no access to the banking site cookies. That might be true, that Javascript has no direct access to the cookies of banking site, yet it can send the requests to the path/document at different origin of banking site. Browser attaches the cookies based on domain. Since script impersonates you as a user, it can do anything even CSRF protection would be not that effective.

Same-Origin vs Cross-Origin

Two URLs are said to be same origin only if all protocol, domain and port match in the. When browser makes a request to the URL it checks the origin to apply same-origin policy

Let’s take the Reference URL to check whether if following URLs are same origin or Cross Origin

Same Origin
Cross Origin
Same Origin but different path
Same Origin but different path
Different Domain
Different Protocol http
Different Domain & protocol
Different protocol,host & port

As we have seen above, if origin is determined as Cross Origin. Browser will take necessary measures and impose a restriction on scripts sending the request to Cross Origin. It is absolutely good and secure, but it is always not desirable and too restrictive when we want to communicate legitimately to the remote Cross Origin Server.

There are different ways to relax this browsers Same-Origin Policy . CORS is one of them among other which are, document.domain, Cross-Document Messaging, old schoold JSONP and Web Sockets. So that, we scripts on origin can access the data on Cross-Origin Server securely by sending any kind of HTTP Requests.

Who Uses CORS? When it is Used ?

Well, now almost every web developer uses CORS even if he is not aware. CORS is used by any application which makes use of the following,

  • Web Fonts
  • Oauth & OpenID services
  • API Service Providers
  • Payment Gateways
  • Service providers for web applications like
    • stripe

CORS plays a vital role if you are creating the application by using the model SOA(Service Oriented Applications) . Since whole application is made up of several micro-services as opposed to monolithic application. In which case, browser would need to communicate with several microservices. Ideally each micro-service would be running on it’s own origin.

CORS Functional Overview

Cross-Origin Resource Sharing (CORS) is the mechanism to allow scripts running at one origin in the browser to access the selected resources from web server at different origin. During CORS browser uses additional HTTP Request Headers to inform remote sever at different origin that, from which origin requests are coming from, and additional HTTP Response headers are used by web server at different origin to tell browser if it is having access to the requested resources.

Failure of CORS potentially due to the Cross-Origin server doesn’t approve the origin result in an error. Specifics of this error won’t be available to the JavaScript code for security reason. but, the code gets the signal that there was an error. For debugging to get details of what went wrong we can take a look at browsers console.

It’s browsers responsibility to support CORS and honor the restriction if servers don’t approve the CORS

There are two types of CORS requests.

Based on kind of HTTP method, Mime Type and headers that are used to make HTTP request browser makes one of the following CORS Request

According to the CORS Specification browser would send an additional preflight request before the actual request for HTTP methods that can cause the side effect on server side data to determine if client(origin) is having permission to access/modify the data at cross-origin. Upon approval from the cross-origin server through additional CORS Response Headers, browser will send the actual request. This preflight request which is OPTIONS method, is sent only for HTTP methods that can cause the side effect on server’s data which are other than GET and POST with certain MIME Types.

Cross Origin Request Abstract Flow
Cross Origin Request Abstract Flow

CORS – Simple Request

Some CORS requests don’t trigger preflight request, so we call it as ‘simple request’.

Simple requests are made by browser to cross origin server only if browser think that, the request won’t cause side-effects on server side data. For simple request browser offers very limited access to the scripts on HTTP Response.

Simple Request Conditions

Browser makes “Simple Request” only if following conditions are met,

Only following methods don’t cause prelight request
  • GET
  • HEAD
  • POST with certain mime types
Other than headers that are automatically set by the browser. According the specs, browser make the simple request only if they are one of CORS safelisted Request Headers. Which are,
  • Accept
  • Accept-Language
  • Content-Language
  • Content-Type value should one of see below
  • DRP
  • Downlink
  • Save-Data
  • Viewport-Width
  • Width
Allowed values of the Request Header Content-Type are,
  • application/x-www-form-urlencoded
  • multipart/form-data
  • text/plain
Now even listener should be registered XMLHttpRequestUpload
No ReadableStream associated with Request

If you are using fetch to make CORS request, you can only access the following Standard Response headers because of restriction according to the spec Safe listed Response Headers

  • Cache-Control
  • Content-Language
  • Content-Length
  • Content-Type
  • Expires
  • Last-Modified
  • Pragma

and anything which is not part of forbidden response header names

Simple Request in Action

Simple request makes use of mainly Origin and Access-Control-Allow-Origin request and response headers respectively for CORS to handle privileges.

Let’s see simple exchange of headers for simple request

CORS Simple Request
CORS Simple Request

As you can see in the above picture. Sending request by xhr, fetch or using webfonts in style triggers browser CORS mechanism. Here assume that we are on page of, from this page we requested font Open Sans from host Since we are sending GET request and not used any custom headers. Browser won’t send any preflight request. Browser included “” into the Origin header. Usually server would include what comes in Origin into Response Header “Access-Control-Allow-Origin” . But here “*” is included in the header, which means all origins are allowed to access the resource.

Let’s try the same thing in your favorite browsers console.

Open console for any website. ideally that website will be the origin of request. Assume we are on

Resource URL:

Here Cross Origin will be with respect to

Let’s run the following snippet and inspect your self the headers for the success scenario of simple CORS request.

 corsURL = '';
xhr = new XMLHttpRequest();'GET', corsURL, true);
xhr.onload = r => console.log(r);
CORS simple request browser console inspect

Here is how full exchange of headers between client and server

 GET /css?family=Open+Sans HTTP/1.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:66.0) Gecko/20100101 Firefox/66.0
Accept: /
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive

HTTP/2.0 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link:; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 11 Feb 2019 19:15:32 GMT
date: Mon, 11 Feb 2019 19:15:32 GMT
cache-control: private, max-age=86400
content-encoding: br
server: ESF
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
alt-svc: quic=":443"; ma=2592000; v="44,43,39"
X-Firefox-Spdy: h2

CORS – Preflighted Request

Above we have seen about the CORS simple request. Unlike simple request the preflight request sends one extra request prior sending the actual request. As discussed above preflight request is sent for the methods which can cause the side effect on server side data, also if any of the conditions that mentioned for simple request doesn’t satisfy.

Methods for which browser makes preflighte request are,

Here is the flow of preflighted request,

CORS Preflight Request Flow
CORS Preflight Request Flow

In the above picture browser from the origin “” is sending HTTP Post Request for updating profile to host (imaginary host). Since it is a post request browser makes preflight HTTP POST request with headers.

Access-Control-Request-Method: POST
Access-Control-Request-Headers: X-Csrf-Token, Content-Type

Above headers are sent by browser in OPTIONS request to ask server at different origin that, Does the origin “” (Origin: is having permissions to make a request with method POST (Access-Control-Request-Method: POST) also using headers “X-CSrf-Token, Content-Type” (Access-Control-Request-Headers: X-Csrf-Token, Content-Type).

Server replied to the OPTIONS request(preflight request) with headers,

Access-Control-Allow-Methods: POST, GET, OPTIONS
Access-Control-Allow-Headers: X-Csrf-Token, Content-Type
Access-Control-Max-Age: 86400

The above response for the OPTIONS request from the server states that, the requested origin “” is having permission to send request with methods “POST, GET and OPTIONS” including headers “X-Csrf-Token, Content-Type”. With max time to cache this cache this preflight request is 86400.

If it wasn’t the above response from the server. Browser won’t send the actual request and trows an error in the script.

This whole preflight (HTTP OPTIONS) request is the negotiation between browser and server to determine if actual request is having permissions for the resources on remote server along using given headers on actual request.

Here is the simple Javascript snippet to make a request using fetch

 var corsURL = '';
var body = {msg: "CORS test"}
var p = fetch(corsURL,
method: "POST",
mode: "cors",
headers: {
"Content-Type": "applciation/json",
"X-Csrf-Token": '32kda832da'
redirect: 'follow',
body: JSON.stringify(body)
p.then(response => response.json())

CORS Headers

CORS Request Haders


Origin Headers indicates that the origin from which the quest originates
Origin Header is sent with CORS requests includig POST request


The request header Access-Control-Request-Method used in HTTP OPTIONS request. Browser sends this header to server during preflight request, to let server know what kind of method will be used when making actual reqeust after prelight.


The request header Access-Control-Request-Headers is used in HTTP OPTIONS request. Browser sends this header to server during preflight request, to let server know what kind of headers are used when making actual request after preflight.

CORS Response Headers


The Response header Access-Control-Allow-Origin is sent by Cross Origin server in response to preflight request. Which includes either the origin which is sent via Origin header if it is allowed or * if the resource is open to for all origins to access. IF * wildcard is used we can’t pass the credentials to server in request since it open for all it make sense.

Access-Contro-Allow-Origin: <origin> | *


The Response header Access-Control-Allow-Method is sent by Cross Origin server in response to preflight request. Which includes Methods that are allowed to access resource in the actual request.

Access-Contro-Allow-Methods: GET, POST, PUT, OPTIONS


The Response header Access-Control-Allow-Header is sent by Cross Origin server in response to preflight request. Which includes HTTP Headers that can be used in the actual request.

Access-Control-Allow-Headers: X-Csrf-Token, Content-Type


The Response header Access-Control-expose-headers is sent by Cross Origin server in response to preflight request. Which includes headers that browser/script is allowed to access.

Access-Control-Expose-Headers: X-Custom-Header, X-Custom-Cookie


The Response header Access-Control-Allow-Credentials is sent by Cross Origin server in response to preflight request. Which includes whether if actual request can be made with credentials or not. Note that Credential is not supported if the CORS header Access-Control-Allow-Origin is “*“.

Access-Control-Allow-Credentials: true


The Response header Access-Control-Allow-Credentials is sent by Cross Origin server in response to preflight request. Which includes seconds. Which states that, how long the preflight response can be cached

Access-Control-Max-Age: 8400

How to view converted SQL queries of Django ORM

View Django ORM's raw SQL queries

Django provides the ORM which is database and vendor agnostic, as a result we can perform operations on database regardless kind of database running behind.Thus, developer may not need expertise on specifiec database, all he needs is how to play with ORM But, sometimes we may want to see the how Django is converting ORM into raw SQL queries of specific database either for debugging or learning.

There are multiples ways to see converted Queries

View Queries using django.db.connection.queries

You can find queries so far that converted by ORM at django.db.connection.queries

print converted django queries

>>> from django.db  import connection
>>> print(connection.queries)

Access raw SQL query on QuerySet object

Every queryset object has query attribute, which holds the actual SQL query which will be sent to Database. query attribute return query when either print or convert it to str

>>> qs = MyModel.objects.all()
>>> print(qs.query)

Configure Django Logger to log Queries

Django logs debug messages including raw SQL queries it is executing to console. To see these message you have to configure django logger and set DEBUG True

Add following setting to file of project


** DEBUG=True is not recommended in production

Configure django logger and set it’s level DEBUG in

'django': {
'handlers': ['console'],
'propagate': False,
'level': 'DEBUG'

Simple Complete logging setting to log Django logs including queries , Copy and paste the following setting into your module , so django displays logs messages including queries being sent to DB that are converted from ORM to raw SQL on console

'version': 1,
'disable_existing_loggers': False,
'formatters': {
'verbose': {
'format': '%(asctime)s-%(module)s-%(levelname)s :: %(message)s'
'simple': {
'format': '%(levelname)s :: %(message)s'
'handlers': {
'console': {
'level': 'DEBUG',
'class': 'logging.StreamHandler',
'formatter': 'verbose'
'loggers': {
'django': {
'handlers': ['console'],
'propagate': False,
'level': 'DEBUG'

Refer more on logging configuration at Django Logging

Database general query logs

All most all DBMS software’s support the logging of queries which are being execute for both debugging and tuning. You can enable the logging for a while to monitor queries from multiple clients.