Best of Cybersecurity: October 2023

  1. Article
    asayer · 2y

    Front End Security: Threats and Countermeasures

    Front-end security is crucial for protecting user data, ensuring user authentication, and establishing secure communication. Common threats include Cross-Site Scripting (XSS), Cross-Site Request Forgery (CSRF), and Clickjacking. Preventive measures include implementing Content Security Policy (CSP), input sanitization, CSRF tokens, frame-busting scripts, and HTTPS with valid SSL/TLS certificates.

  2. Article
    Community Picks · 3y

    A comprehensive guide to the dangers of Regular Expressions in JavaScript

    Learn about regular expression denial of service vulnerabilities and the dangers they pose. Discover how backtracking in regular expressions can cause performance issues and explore methods to solve these issues.

  3. Article
    Community Picks · 3y

    Google Cloud mitigated largest DDoS attack, peaking above 398 million rps

    Google mitigated the largest DDoS attack to date, peaking above 398 million requests per second (rps). The attack used a novel technique called HTTP/2 Rapid Reset, which is based on stream multiplexing. Google coordinated with industry partners to understand the attack mechanics and collaborated on mitigations. The vulnerability has been designated CVE-2023-44487, with a CVSS score of 7.5. Any enterprise or individual serving an HTTP-based workload may be at risk and should apply the relevant patches or verify whether their servers are vulnerable.

  4. Article
    freeCodeCamp · 3y

    API Security for PCI Compliance (DSS 4.0)

    Learn about API security and PCI DSS 4.0 requirements in this crash course on the freeCodeCamp.org YouTube channel. Understand the importance of API security for businesses dealing with payment information.

  5. Article
    InfoSec Write-ups · 3y

    Hacking htmx applications

    The article discusses htmx applications, how they differ from other web applications, and their potential XSS vulnerabilities. It also explains the htmx attributes that can be targeted for XSS attacks and ways to control the behavior of htmx applications.