A podcast for developers interested in building great software products. Every episode, Adam Wathan is joined by a guest to talk about everything from product design and user experience to unit testing and system administration.
…
continue reading
Вміст надано Owl Creek Studios. Весь вміст подкастів, включаючи епізоди, графіку та описи подкастів, завантажується та надається безпосередньо компанією Owl Creek Studios або його партнером по платформі подкастів. Якщо ви вважаєте, що хтось використовує ваш захищений авторським правом твір без вашого дозволу, ви можете виконати процедуру, описану тут https://uk.player.fm/legal.
Схожі до The React Show
Developer Tea exists to help driven developers connect to their ultimate purpose and excel at their work so that they can positively impact the people they influence. With over 17 million downloads to date, Developer Tea is a short podcast hosted by Jonathan Cutrell, engineering leader with over 15 years of industry experience. We hope you'll take the topics from this podcast and continue the conversation, either online or in person with your peers. Email: [email protected]
…
continue reading
Stay current on JavaScript, Node, and Front-End development. Learn from experts in programming, careers, and technology every week. Become a supporter of this podcast: https://www.spreaker.com/podcast/javascript-jabber--6102064/support.
…
continue reading
A podcast about web design and development.
…
continue reading
Hanselminutes is Fresh Air for Developers. A weekly commute-time podcast that promotes fresh technology and fresh voices. Talk and Tech for Developers, Life-long Learners, and Technologists.
…
continue reading
The power of Data is undeniable. And unharnessed - it’s nothing but chaos. Making data your ally. Using it to lead with confidence and clarity. Host Jess Carter is solving problems in real-time to reveal what’s possible. Helping communities and people thrive. This is Data Driven Leadership, a show brought to you by Resultant.
…
continue reading
Show notes are at https://stevelitchfield.com/sshow/chat.html
…
continue reading
Decoder is a show from The Verge about big ideas — and other problems. Verge editor-in-chief Nilay Patel talks to a diverse cast of innovators and policymakers at the frontiers of business and technology to reveal how they’re navigating an ever-changing landscape, what keeps them up at night, and what it all means for our shared future.
…
continue reading
Best Business Podcast (Gold), British Podcast Awards 2023 How do you build a fully electric motorcycle with no compromises on performance? How can we truly experience what the virtual world feels like? What does it take to design the first commercially available flying car? And how do you build a lightsaber? These are some of the questions this podcast answers as we share the moments where digital transforms physical, and meet the brilliant minds behind some of the most innovative products a ...
…
continue reading
The director’s commentary track for Daring Fireball. Long digressions on Apple, technology, design, movies, and more.
…
continue reading
Player FM - додаток Podcast
Переходьте в офлайн за допомогою програми Player FM !
Переходьте в офлайн за допомогою програми Player FM !
))
How To Build Secure React Apps
Manage episode 371615160 series 2954559
Вміст надано Owl Creek Studios. Весь вміст подкастів, включаючи епізоди, графіку та описи подкастів, завантажується та надається безпосередньо компанією Owl Creek Studios або його партнером по платформі подкастів. Якщо ви вважаєте, що хтось використовує ваш захищений авторським правом твір без вашого дозволу, ви можете виконати процедуру, описану тут https://uk.player.fm/legal.
In this episode, delve into the world of web application security and discover practical insights to safeguard your code. Join Thomas as they discuss common threats like SQL injection, cross-site scripting, and request forgery, emphasizing the importance of using secure libraries and following best practices. Explore topics such as data validation, authentication, and authorization, along with the significance of log security and intrusion detection. Gain valuable tips for writing secure code and understand the risks associated with implementing your own cryptography.
thereactshow.com/support
Join The Reactors! thereactshow.com/the-reactors-community
Join our Discord! https://discord.gg/zXYggKUBC2
My book: Foundations of High-Performance React https://www.thereactshow.com/book
Consulting: https://thomashintz.org
Music by DRKST DWN: https://soundcloud.com/drkstdwn
Part 1: Introduction to Web Application Security In this segment, the host discusses the importance of web application security and the potential risks associated with vulnerabilities. The focus is on common threats such as SQL injection, cross-site scripting, and request forgery. The host emphasizes the need for understanding and addressing these threats, even when using frameworks like React that offer built-in security measures.
Part 2: Log Security and Authentication/Authorization The host highlights the significance of log security and cautions against logging sensitive user information that could be exploited. They stress the importance of implementing secure authentication and authorization systems and share insights on common mistakes made in login system implementation. Keeping the login process simple and separate from other code is strongly recommended to minimize vulnerabilities.
Part 3: Data Validation and Libraries/External Services Data validation is discussed, with an emphasis on distinguishing between data sanitization and data validation. The host advises against relying on client-side validation and stresses the importance of validating and sanitizing data on the server-side. They also provide insights on assessing the security of libraries and external services, recommending thorough documentation on secure implementation, policies for handling vulnerabilities, and a high-level security approach.
Part 4: Writing Secure Code and Final Tips The host shares their approach to writing secure code, emphasizing the need for systemic solutions, explicit labeling of untrusted data, and assuming worst-case scenarios to design robust security mechanisms. They caution against overcomplicating security measures and advocate for using well-tested libraries for cryptographic functions. The importance of backups, intrusion detection, and minimizing stored data is also highlighted.
101 епізодів
Поширити
Manage episode 371615160 series 2954559
Вміст надано Owl Creek Studios. Весь вміст подкастів, включаючи епізоди, графіку та описи подкастів, завантажується та надається безпосередньо компанією Owl Creek Studios або його партнером по платформі подкастів. Якщо ви вважаєте, що хтось використовує ваш захищений авторським правом твір без вашого дозволу, ви можете виконати процедуру, описану тут https://uk.player.fm/legal.
In this episode, delve into the world of web application security and discover practical insights to safeguard your code. Join Thomas as they discuss common threats like SQL injection, cross-site scripting, and request forgery, emphasizing the importance of using secure libraries and following best practices. Explore topics such as data validation, authentication, and authorization, along with the significance of log security and intrusion detection. Gain valuable tips for writing secure code and understand the risks associated with implementing your own cryptography.
thereactshow.com/support
Join The Reactors! thereactshow.com/the-reactors-community
Join our Discord! https://discord.gg/zXYggKUBC2
My book: Foundations of High-Performance React https://www.thereactshow.com/book
Consulting: https://thomashintz.org
Music by DRKST DWN: https://soundcloud.com/drkstdwn
Part 1: Introduction to Web Application Security In this segment, the host discusses the importance of web application security and the potential risks associated with vulnerabilities. The focus is on common threats such as SQL injection, cross-site scripting, and request forgery. The host emphasizes the need for understanding and addressing these threats, even when using frameworks like React that offer built-in security measures.
Part 2: Log Security and Authentication/Authorization The host highlights the significance of log security and cautions against logging sensitive user information that could be exploited. They stress the importance of implementing secure authentication and authorization systems and share insights on common mistakes made in login system implementation. Keeping the login process simple and separate from other code is strongly recommended to minimize vulnerabilities.
Part 3: Data Validation and Libraries/External Services Data validation is discussed, with an emphasis on distinguishing between data sanitization and data validation. The host advises against relying on client-side validation and stresses the importance of validating and sanitizing data on the server-side. They also provide insights on assessing the security of libraries and external services, recommending thorough documentation on secure implementation, policies for handling vulnerabilities, and a high-level security approach.
Part 4: Writing Secure Code and Final Tips The host shares their approach to writing secure code, emphasizing the need for systemic solutions, explicit labeling of untrusted data, and assuming worst-case scenarios to design robust security mechanisms. They caution against overcomplicating security measures and advocate for using well-tested libraries for cryptographic functions. The importance of backups, intrusion detection, and minimizing stored data is also highlighted.
101 епізодів
Усі епізоди
×
Ласкаво просимо до Player FM!
Player FM сканує Інтернет для отримання високоякісних подкастів, щоб ви могли насолоджуватися ними зараз. Це найкращий додаток для подкастів, який працює на Android, iPhone і веб-сторінці. Реєстрація для синхронізації підписок між пристроями.
Схожі до The React Show
A podcast for developers interested in building great software products. Every episode, Adam Wathan is joined by a guest to talk about everything from product design and user experience to unit testing and system administration.
…
continue reading
Developer Tea exists to help driven developers connect to their ultimate purpose and excel at their work so that they can positively impact the people they influence. With over 17 million downloads to date, Developer Tea is a short podcast hosted by Jonathan Cutrell, engineering leader with over 15 years of industry experience. We hope you'll take the topics from this podcast and continue the conversation, either online or in person with your peers. Email: [email protected]
…
continue reading
Stay current on JavaScript, Node, and Front-End development. Learn from experts in programming, careers, and technology every week. Become a supporter of this podcast: https://www.spreaker.com/podcast/javascript-jabber--6102064/support.
…
continue reading
A podcast about web design and development.
…
continue reading
Hanselminutes is Fresh Air for Developers. A weekly commute-time podcast that promotes fresh technology and fresh voices. Talk and Tech for Developers, Life-long Learners, and Technologists.
…
continue reading
The power of Data is undeniable. And unharnessed - it’s nothing but chaos. Making data your ally. Using it to lead with confidence and clarity. Host Jess Carter is solving problems in real-time to reveal what’s possible. Helping communities and people thrive. This is Data Driven Leadership, a show brought to you by Resultant.
…
continue reading
Show notes are at https://stevelitchfield.com/sshow/chat.html
…
continue reading
Decoder is a show from The Verge about big ideas — and other problems. Verge editor-in-chief Nilay Patel talks to a diverse cast of innovators and policymakers at the frontiers of business and technology to reveal how they’re navigating an ever-changing landscape, what keeps them up at night, and what it all means for our shared future.
…
continue reading
Best Business Podcast (Gold), British Podcast Awards 2023 How do you build a fully electric motorcycle with no compromises on performance? How can we truly experience what the virtual world feels like? What does it take to design the first commercially available flying car? And how do you build a lightsaber? These are some of the questions this podcast answers as we share the moments where digital transforms physical, and meet the brilliant minds behind some of the most innovative products a ...
…
continue reading
The director’s commentary track for Daring Fireball. Long digressions on Apple, technology, design, movies, and more.
…
continue reading
Player FM - додаток Podcast
Переходьте в офлайн за допомогою програми Player FM !
Переходьте в офлайн за допомогою програми Player FM !
