My admin account was hijacked because of a single comment on the board. I dive deep into the 3 types of XSS (Stored, Reflected, DOM) and concrete defense strategies in React/Next.js environments, including HTML Escaping, CSP, and Cookie Security.
A comprehensive deep dive into client-side storage. From Cookies to IndexedDB and the Cache API. We explore security best practices for JWT storage (XSS vs CSRF), performance implications of synchronous APIs, and how to build offline-first applications using Service Workers.
App crashes only in Release mode? It's likely ProGuard/R8. Learn how to debug obfuscated stack traces, use `@Keep` annotations, and analyze `usage.txt`.
Bitcoin is just part of it. How to create trust without a central authority, principles of decentralization, smart contracts, gas fees, Layer 2 solutions, DAOs, and the Oracle Problem.
Why your server isn't hacked. From 'Packet Filtering' checking ports/IPs to AWS Security Groups. Evolution of Firewalls.
XSS is the oldest trick in the book, but it's still in the Top 3. The logic is simple:
Don't let your "safe" React app be the one that leaks 10,000 user accounts because of one unchecked href.
