Skip to main content

4 posts tagged with "backend"

View All Tags

· 6 min read
Abdeldjalil Fortas

Okay, that's another article about CORS on the internet.

CORS errors are definitely one of the most frustrating errors we face when working on web applications. I don't know what HTTP wizard or how expert you are, but I am sure that you definitely react like Michael Scott here:

Michael Scott screaming at CORS issue

Meme shamelessly stolen from this blog

We may break "CORS" or at least break the security barriers it adds by trying to fix it (without understanding it correctly).

· 6 min read
Abdeldjalil Fortas

If you use any applications that handle sensitive information, you might already have a situation where you get a countdown before you get logged off, this happens if you don’t interact with the website after a certain (short) period.

Streaming platforms also ask you if you are still watching before they stop the video or navigate to the next episode.

· 8 min read
Abdeldjalil Fortas

Being a software developer is a responsibility, it’s a job where we provide secure and stable services and infrastructure to users who trust us (or trust regulations that ensure we are trustworthy).

To learn more about cybersecurity principles, and why some “best practices” matter, I decided to play some CTF challenges instead of only relying on reading articles and scrolling into OWASP top 10’s documentation.

My beginning was with HackTheBox. For some reason, some of the challenges I did had Server-side Template Injection (SSTI) vulnerabilities which I’m starting this blog series with.