Explore >> Select a destination
|
You are here 
|
blog.kotowicz.net | ||
| | | | |
jfhr.me
|
|
| | | | | You've probably heard that HTTPS makes websites more secure. That's true, but HTTPS has some limitations, and Strict Transport Security and Preloading are ways you can overcome those limitations. | |
| | | | |
blog.acrossecurity.com
|
|
| | | | | The Fixed Bounty Bug Revealed Last month Google awarded our security analyst Luka Treiber a Chromium Security Reward for a high-severity ... | |
| | | | |
www.matuzo.at
|
|
| | | | | An introduction to Cross Site Scripting and XSS prevention. | |
| | | | |
mathieu.fenniak.net
|
|
| | | Cross-site request forgery (CSRF) is a type of security exploit where a user's web browser is tricked by a third-party site into performing actions on websites that the user is logged into. It is often a difficult attack to pull off, as it requires a number of factors to line up at once. Protecting against it requires good discipline and good design practices, especially when it comes to protecting Web APIs. Here's a brief example of a fictitious CSRF attack against a bank: | ||
