
All 47 Comments

re: Why Quasar? Why Nuxt? Why Vue?
That's helpful, thanks!
re: Why Quasar? Why Nuxt? Why Vue?
Ah, you have no option but to use Quasar's CSS classes? So ...
re: Run Windows update now!
Definitely agree, it's a bad vulnerability. SwiftOnSecurity...
re: What API documentation generator/tool do you use?
I didn't know the company logos were clickable. Those are g...
re: How CORS (Cross-Origin Resource Sharing) Works?
Seng is right. I'll add that Access-Control-Allow-Origin is...
re: How CORS (Cross-Origin Resource Sharing) Works?
Maybe add a note to the article about how dangerous origin:...
re: Make a Rubber Ducky for $3 with Digispark
This is great!
re: How do you practice safe public wifi access?
There's this neat thing called HTTPS which uses this thing ...
re: What are the good practices to Node.js web app authentication and authorization?
Please do not store session tokens in local storage auth0....
re: What API documentation generator/tool do you use?
This looks really neat.
re: What API documentation generator/tool do you use?
Yeah OpenAPI is great for its ubiquity and cross-tool suppo...
re: What API documentation generator/tool do you use?
Asciidoc I'm really not excited about. You have to write ou...
re: What API documentation generator/tool do you use?
😧 Oh no! Hopefully some of these resources people are post...
re: What API documentation generator/tool do you use?
Stoplight.io looks pretty interesting. Will check it out, t...
re: What API documentation generator/tool do you use?
I'm a big fan of having a Postman collection of your API en...
re: What API documentation generator/tool do you use?
Can you set up example requests with apiDoc? A quick look o...
re: What API documentation generator/tool do you use?
apiDoc is the generator I couldn't recall the name of! I re...
re: What API documentation generator/tool do you use?
Ah, apiDoc is what I remember using a few years ago. I was ...
re: What API documentation generator/tool do you use?
I like that this is markdown-based, although having to docu...
re: I made DEV.to widget for websites/blogs
Yup, the hash will change for each version of the script pu...
re: I made DEV.to widget for websites/blogs
This is great. Nit: Promote healthy web practices and add s...
re: How to build a documentation culture
The Write the Docs URL is mangled - htts//writethedocs.org ...
re: 3 Amazing ways to generate random numbers without Math.random()
I don't want to toot my own horn, but I did write an articl...
re: Sodium-Plus: A Positive Cryptography Experience for JavaScript Developers
This is awesome!
re: Simple Intro to JWT Basics
Okta has a nice article from a few years ago about using JW...
re: JSON Web Tokens (JWT) vs. SessionID 🔐 ? explained in 2 mins
Don't use JWTs, sessions are your friend. cryto.net/~joepi...
re: If you were tasked to conduct a security audit on a server/database-backed web app, where would you start?
Also, business logic inconsistencies and access control mis...
re: If you were tasked to conduct a security audit on a server/database-backed web app, where would you start?
OWASP has a great web app testing methodology guide to walk...
re: What is your top productivity apps that you cannot live without?
It is malware - dev.to/__shadz_/comment/ejd0
re: Block malicious login attempts, but preventing account lock-outs.
Also, 2FA is the best way to stop bots IMO. Works as an add...
re: Block malicious login attempts, but preventing account lock-outs.
Yes, CSRF is not valid if there is no browser involved, as ...
re: Block malicious login attempts, but preventing account lock-outs.
CSRF will prevent malicious actions like trying to log into...
re: Block malicious login attempts, but preventing account lock-outs.
The only effective way to do this type of attack, guessing ...
re: Block malicious login attempts, but preventing account lock-outs.
I guess the question is why do we want to do this. As Jorge...
re: How do you authenticate your users?
Thanks for reminding me, this is next on my list to write
re: Encrypting Files in a Post-PGP Age
You're totally right re: EC keys. Libsodium is also a great...
re: How to Learn Penetration Testing: A Beginners Tutorial
OWASP Juice Shop is a great intermediate between "ok I've d...
re: How to properly use passwords
Thanks for this article! I want to challenge/comment on a f...
re: How do you authenticate your users?
Auth0 is great. It is hard to stay simple when using a SaaS...
re: How do you authenticate your users?
Love it! Can start considering the samesite attribute as mo...
re: How do you authenticate your users?
I'll have to look at how Adonis's library is implemented. ...
re: How do you authenticate your users?
When you say sessions, do you mean session cookies? In term...
re: What's your opinion on Microsoft's GitHub Acquisition?
I agree that Gitlab, and even Bitbucket, offer more enterpr...
re: What's your opinion on Microsoft's GitHub Acquisition?
Companies should use enterprise Github for that exact reaso...
re: Post-Quantum Cryptography, Part 1: Quantum Computing
The first quantum cryptographic exchange was performed in 1...