A guide to configuring Content-Security-Policy (CSP) headers in a local 11ty development environment for faster testing.
A developer refactors an outdated JavaScript performance snippet to improve security and adhere to modern web best practices.
A tutorial on building a custom, session-based authentication system in JavaScript and TypeScript, covering secure password handling and session management.
Explains why eBPF observability tools, designed for low overhead, are not suitable for security monitoring due to evasion risks.
An overview of Django's built-in session management system, explaining its security features and how to configure them for robust user data protection.
An overview of core cryptography concepts and their implementation in Python, based on a presentation by Andrew Sillers.
Announcing django-denied, a Django package that enforces authorization by denying all views by default for enhanced security.
A blogger shares their 2022 goals for writing, media production, and software development, focusing on accountability and personal growth.
Using Python's pytm framework to threat model the security flaws in the fictional systems of Jurassic Park.
Critique of npm audit's flaws, arguing its default rollout was rushed and harmful to front-end development workflows.
Explains the purpose of React's $$typeof property, a security feature using Symbols to prevent XSS attacks in React elements.
