Digests » 196
this week's favorite
Twitter came of age when hardware from physical enterprise vendors ruled the data center. Since then we've continually engineered and refreshed our fleet to take advantage of the latest open standards in technology and hardware efficiency in order to deliver the best possible experience.
This section is a compendium of Advanced SQL tricks you can customize for your analysis. Not all databases support all of these recipes; we've made a note where applicable. Even if you're a pro with SQL, we've started out each recipe with a couple of real-life examples. Hope to spark your inspiration!
Most of the time when we see a code snippet online to do something, we often blindly copy-paste it into the terminal. Even the tech-savvy ones just see it on the website before copy-pasting. Here is why you shouldn't do this. Try pasting the following line to your terminal (SFW)
Clickjacking, XSS and CSRF are exploits that have been around for 15+ years now and still form the basis for many vulnerabilities on the web today. If you spend any time around bug bounty programs you will notice similar patterns with these exploits: many could have been prevented with just a few HTTP headers in place. A website that goes into production without these is asking for an exploit. Even if they have “other mitigations” in place, on most platforms it takes all of 5 minutes to add in a custom header which could save your site from an unfortunate vulnerability.
As a developer, you’re in the business of managing complexity. And code is inherently complex. By writing as little code as necessary to solve the task at hand, you’ll have fewer concerns down the road.