Preventing Cross Site Scripting (XSS) attacks is a daunting task for developers. In short, XSS attacks are injection attacks in which data that is structurally significant in the current context changes the intended semantics and/or functionality. While there are great resources online that walk you through prevention techniques (one of the best security resources is The Open Web Application Security Project, or OWASP, website), it’s easy to get confused when you try to implement all of the necessary safeguards.
Below, I’ve outlined four simple steps that significantly lower the risk of XSS attacks against your website. By being a bit more restrictive, we can simplify our approach to preventing XSS
Just want to say that Davin Granroth has exemplified what it means to be financially wise over the past 3 years. He’s made great strides through sacrifice and restraint, whilst being generous to many. Essentially, God has allowed him to go All-Chuck-Norris on some debt, and it’s been a great pleasure to watch.
Now, if the Richardsons can just learn from his example instead of just watching and enjoying his progress, we’d really be on to something 🙂
This video is fantastic! I literally laughed aloud several times. If you’re a developer, I encourage you to watch it. Rich Hickey takes some digs at Agile, TDD, and OOP; provides ideas on pursuing simplicity in system development; and reveals some keen insights into his language design choices:
Rich always provides great talks, but this one is one of the best, most entertaining I’ve seen. And, my word of the week is now “complect.”
I love how well spoken, down-to-earth, and frank Dave Thomas is in this video at Channel 9 taken at the SPLASH 2011 Conference.
No, it’s not because of his answer to the question “What’s the state of Object Oriented Programming today in your mind?”, to which he responded that:
I think the state is that it’s commercially immensely successful, but practically, I think it’s a disaster.
Although I did agree with much of his analysis on that particular question, I sincerely believe that the whole video has wise words for anyone working as a developer now and in the near future.
And, of interest to me was the fact that he really appreciated the “good engineering decisions” represented in the design of Google’s Dart language.