· software
This CORS Mistake Exposes Your API (I See It Everywhere)
Problem A common pattern seen in many Cloudflare Workers and other serverless functions is: js headers.set'Access-Control-Allow-Origin', ''; headers.set'Access...
-
- · software
That CORS Error Isn’t a Bug — It’s Actually Protecting Your Web App
markdown Understanding CORS Cross‑Origin Resource Sharing If you've worked with APIs in a web app, you've probably seen this error at least once: Access to fetc...
- · software
Goodbye Hidden Fields: Modern CSRF Protection Without Tokens
If you have ever configured protection against Cross‑Site Request Forgery CSRF attacks, you likely remember the routine: generate unique tokens, embed them in h...
- · software
# Important HTTP Response Headers Every Developer Should Know
HTTP Response Headers for Backend Developers The silent guardians of security, performance, and user experience. In this guide we’ll explore the most critical...
- · software
Entendendo o JSON Web Token (JWT)
Em algum momento, ao criar uma aplicação web, precisamos desenvolver uma solução de autenticação para o sistema. Existem várias estratégias para isso, como aute...
- · software
Hands-On TLS: Inspect Certificates, Verify PFS, and Build a Local HTTPS Server
!Cover image for Hands-On TLS: Inspect Certificates, Verify PFS, and Build a Local HTTPS Serverhttps://media2.dev.to/dynamic/image/width=1000,height=420,fit=cov...
- · software
Nuxt Scripts for improved Performance and Security
When building modern Nuxt applications, third‑party scripts are often unavoidable Analytics, marketing tools, customer‑support widgets, A/B testing platforms,...
- · it
Most parked domains now serving malicious content
Article URL: https://krebsonsecurity.com/2025/12/most-parked-domains-now-serving-malicious-content/ Comments URL: https://news.ycombinator.com/item?id=46312021...
- · software
Praktikum Keamanan Web: Cross-Site Request Forgery (CSRF) 😱🛡️
Pendahuluan Halo, teman‑teman mahasiswa! Selamat datang di praktikum tentang Cross‑Site Request Forgery CSRF, salah satu serangan web yang licik. Bayangkan kam...
- · it
Most Parked Domains Now Serving Malicious Content
Direct navigation -- the act of visiting a website by manually typing a domain name in a web browser -- has never been riskier: A new study finds the vast major...
- · software
YES I AM THE ONE WHO REQUESTED THE ACCESS
NOTE: This is my first post, so apologies in advance if I’ve misunderstood something. I’m open to discussions and corrections. What is JWT? JWT stands for JSON...
- · software
Python Guide: How to Detect If a Domain Is a Scam
Introduction Shopping online and signing up for new websites are everyday activities, but so is stumbling across scam domains. These shady sites may take your...