Newsletter
In Depth: Content Security Policy
[InDepth#7] CSPs are an incredibly powerful security feature built into the browser.
Newsletter
[InDepth#7] CSPs are an incredibly powerful security feature built into the browser.
Security Tips
[Tip#17] It's easy to forget to update the admins list when it changes...
Security Tips
[Tip#16] Ever clicked a link that looked legitimate, but took you somewhere unexpected?
In Depth
[InDepth#6] You can use response timing to infer important information.
Security Tips
[Tip#15] Because we don't already have enough to worry about, without also needing to factor in other characters and emoji too...
Security Tips
[Tip#14] What is Subresource Integrity and why is it so important for securing your site?
In Depth
[InDepth#5] It sounds easy to rehash passwords, but is it really that easy?
Security Tips
[Tip#13] Blocking Compromised (Pwned) Passwords forces your users to use strong passwords, but is it the right choice for your app?
Security Tips
[Tip#12] It's easy to guess passwords if your app doesn't rate limit attempts...
Security Tips
[Tip#11] Why duplicate password validation rules across your app when you can define defaults once?
In Depth
Placeholders are incredibly useful, but you need to be careful with them.
Security Tips
[Tip#10] You should always selectively stage changes, to avoid committing secrets or debug code and pushing to prod.