Stay current on JavaScript, Node, and Front-End development. Learn from experts in programming, careers, and technology every week. Become a supporter of this podcast: https://www.spreaker.com/podcast/javascript-jabber--6102064/support.
…
continue reading
Content provided by Owl Creek Studios. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by Owl Creek Studios or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://player.fm/legal.
Similar to The React Show
Developer Tea exists to help driven developers connect to their ultimate purpose and excel at their work so that they can positively impact the people they influence. With over 13 million downloads to date, Developer Tea is a short podcast hosted by Jonathan Cutrell (@jcutrell), co-founder of Spec and Director of Engineering at PBS. We hope you'll take the topics from this podcast and continue the conversation, either online or in person with your peers. Twitter: @developertea :: Email: deve ...
…
continue reading
A podcast featuring panelists of engineers from Netflix, Twitch, & Atlassian talking over drinks about all things software engineering.
…
continue reading
Show notes are at https://stevelitchfield.com/sshow/chat.html
…
continue reading
Hanselminutes is Fresh Air for Developers. A weekly commute-time podcast that promotes fresh technology and fresh voices. Talk and Tech for Developers, Life-long Learners, and Technologists.
…
continue reading
A podcast about web design and development.
…
continue reading
Bitcoin pioneer Charlie Shrem peels back the layers on the lives and backgrounds of the world's most impactful innovators. Centering around intimate narratives, Shrem uncovers a detailed, previously unspoken story of the genesis and evolution of bitcoin, cryptocurrency, artificial intelligence, and the web3 movements. Join Shrem as he journeys through the uncharted territories of tech revolutions, revealing the human side of the stories that shaped the digital world we live in today.
…
continue reading
The American healthcare system is one of the most innovative in the world. But it’s also riddled with complex challenges, such as access to affordable medications, inefficiency and administrative burdens, and communication barriers between providers. There’s clearly a better way—and at Surescripts, we have a unique sightline into what that may be. In this series, host Melanie Marcus, Chief Marketing Officer of Surescripts, sits down with today’s most inspiring and innovative leaders in healt ...
…
continue reading
Investor Shayle Kann is asking big questions about how to decarbonize the planet: How cheap can clean energy get? Will artificial intelligence speed up climate solutions? Where is the smart money going into climate technologies? Every week on Catalyst, Shayle explains the world of climate tech with prominent experts, investors, researchers, and executives. Produced by Latitude Media.
…
continue reading
Discover a whole new take on Artificial Intelligence with Squirro's educational podcast! Join host Lauren Hawker Zafer, a top voice in Artificial Intelligence on LinkedIn, for insightful chats that unravel the fascinating world of tech innovation, use case exploration and AI knowledge. Dive into candid discussions with accomplished industry experts and established academics. With each episode, you'll expand your grasp of cutting-edge technologies and their incredible impact on society, and y ...
…
continue reading
Player FM - Podcast App
Go offline with the Player FM app!
Go offline with the Player FM app!
))
How To Build Secure React Apps
Manage episode 371615160 series 2954559
Content provided by Owl Creek Studios. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by Owl Creek Studios or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://player.fm/legal.
In this episode, delve into the world of web application security and discover practical insights to safeguard your code. Join Thomas as they discuss common threats like SQL injection, cross-site scripting, and request forgery, emphasizing the importance of using secure libraries and following best practices. Explore topics such as data validation, authentication, and authorization, along with the significance of log security and intrusion detection. Gain valuable tips for writing secure code and understand the risks associated with implementing your own cryptography.
thereactshow.com/support
Join The Reactors! thereactshow.com/the-reactors-community
Join our Discord! https://discord.gg/zXYggKUBC2
My book: Foundations of High-Performance React https://www.thereactshow.com/book
Consulting: https://thomashintz.org
Music by DRKST DWN: https://soundcloud.com/drkstdwn
Part 1: Introduction to Web Application Security In this segment, the host discusses the importance of web application security and the potential risks associated with vulnerabilities. The focus is on common threats such as SQL injection, cross-site scripting, and request forgery. The host emphasizes the need for understanding and addressing these threats, even when using frameworks like React that offer built-in security measures.
Part 2: Log Security and Authentication/Authorization The host highlights the significance of log security and cautions against logging sensitive user information that could be exploited. They stress the importance of implementing secure authentication and authorization systems and share insights on common mistakes made in login system implementation. Keeping the login process simple and separate from other code is strongly recommended to minimize vulnerabilities.
Part 3: Data Validation and Libraries/External Services Data validation is discussed, with an emphasis on distinguishing between data sanitization and data validation. The host advises against relying on client-side validation and stresses the importance of validating and sanitizing data on the server-side. They also provide insights on assessing the security of libraries and external services, recommending thorough documentation on secure implementation, policies for handling vulnerabilities, and a high-level security approach.
Part 4: Writing Secure Code and Final Tips The host shares their approach to writing secure code, emphasizing the need for systemic solutions, explicit labeling of untrusted data, and assuming worst-case scenarios to design robust security mechanisms. They caution against overcomplicating security measures and advocate for using well-tested libraries for cryptographic functions. The importance of backups, intrusion detection, and minimizing stored data is also highlighted.
101 episodes
Share
Manage episode 371615160 series 2954559
Content provided by Owl Creek Studios. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by Owl Creek Studios or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://player.fm/legal.
In this episode, delve into the world of web application security and discover practical insights to safeguard your code. Join Thomas as they discuss common threats like SQL injection, cross-site scripting, and request forgery, emphasizing the importance of using secure libraries and following best practices. Explore topics such as data validation, authentication, and authorization, along with the significance of log security and intrusion detection. Gain valuable tips for writing secure code and understand the risks associated with implementing your own cryptography.
thereactshow.com/support
Join The Reactors! thereactshow.com/the-reactors-community
Join our Discord! https://discord.gg/zXYggKUBC2
My book: Foundations of High-Performance React https://www.thereactshow.com/book
Consulting: https://thomashintz.org
Music by DRKST DWN: https://soundcloud.com/drkstdwn
Part 1: Introduction to Web Application Security In this segment, the host discusses the importance of web application security and the potential risks associated with vulnerabilities. The focus is on common threats such as SQL injection, cross-site scripting, and request forgery. The host emphasizes the need for understanding and addressing these threats, even when using frameworks like React that offer built-in security measures.
Part 2: Log Security and Authentication/Authorization The host highlights the significance of log security and cautions against logging sensitive user information that could be exploited. They stress the importance of implementing secure authentication and authorization systems and share insights on common mistakes made in login system implementation. Keeping the login process simple and separate from other code is strongly recommended to minimize vulnerabilities.
Part 3: Data Validation and Libraries/External Services Data validation is discussed, with an emphasis on distinguishing between data sanitization and data validation. The host advises against relying on client-side validation and stresses the importance of validating and sanitizing data on the server-side. They also provide insights on assessing the security of libraries and external services, recommending thorough documentation on secure implementation, policies for handling vulnerabilities, and a high-level security approach.
Part 4: Writing Secure Code and Final Tips The host shares their approach to writing secure code, emphasizing the need for systemic solutions, explicit labeling of untrusted data, and assuming worst-case scenarios to design robust security mechanisms. They caution against overcomplicating security measures and advocate for using well-tested libraries for cryptographic functions. The importance of backups, intrusion detection, and minimizing stored data is also highlighted.
101 episodes
All episodes
×
Welcome to Player FM!
Player FM is scanning the web for high-quality podcasts for you to enjoy right now. It's the best podcast app and works on Android, iPhone, and the web. Signup to sync subscriptions across devices.
Similar to The React Show
Stay current on JavaScript, Node, and Front-End development. Learn from experts in programming, careers, and technology every week. Become a supporter of this podcast: https://www.spreaker.com/podcast/javascript-jabber--6102064/support.
…
continue reading
Developer Tea exists to help driven developers connect to their ultimate purpose and excel at their work so that they can positively impact the people they influence. With over 13 million downloads to date, Developer Tea is a short podcast hosted by Jonathan Cutrell (@jcutrell), co-founder of Spec and Director of Engineering at PBS. We hope you'll take the topics from this podcast and continue the conversation, either online or in person with your peers. Twitter: @developertea :: Email: deve ...
…
continue reading
A podcast featuring panelists of engineers from Netflix, Twitch, & Atlassian talking over drinks about all things software engineering.
…
continue reading
Show notes are at https://stevelitchfield.com/sshow/chat.html
…
continue reading
Hanselminutes is Fresh Air for Developers. A weekly commute-time podcast that promotes fresh technology and fresh voices. Talk and Tech for Developers, Life-long Learners, and Technologists.
…
continue reading
A podcast about web design and development.
…
continue reading
Bitcoin pioneer Charlie Shrem peels back the layers on the lives and backgrounds of the world's most impactful innovators. Centering around intimate narratives, Shrem uncovers a detailed, previously unspoken story of the genesis and evolution of bitcoin, cryptocurrency, artificial intelligence, and the web3 movements. Join Shrem as he journeys through the uncharted territories of tech revolutions, revealing the human side of the stories that shaped the digital world we live in today.
…
continue reading
The American healthcare system is one of the most innovative in the world. But it’s also riddled with complex challenges, such as access to affordable medications, inefficiency and administrative burdens, and communication barriers between providers. There’s clearly a better way—and at Surescripts, we have a unique sightline into what that may be. In this series, host Melanie Marcus, Chief Marketing Officer of Surescripts, sits down with today’s most inspiring and innovative leaders in healt ...
…
continue reading
Investor Shayle Kann is asking big questions about how to decarbonize the planet: How cheap can clean energy get? Will artificial intelligence speed up climate solutions? Where is the smart money going into climate technologies? Every week on Catalyst, Shayle explains the world of climate tech with prominent experts, investors, researchers, and executives. Produced by Latitude Media.
…
continue reading
Discover a whole new take on Artificial Intelligence with Squirro's educational podcast! Join host Lauren Hawker Zafer, a top voice in Artificial Intelligence on LinkedIn, for insightful chats that unravel the fascinating world of tech innovation, use case exploration and AI knowledge. Dive into candid discussions with accomplished industry experts and established academics. With each episode, you'll expand your grasp of cutting-edge technologies and their incredible impact on society, and y ...
…
continue reading
Player FM - Podcast App
Go offline with the Player FM app!
Go offline with the Player FM app!
