If you’re a beginner getting into Go, it’s mostly quite easy and straightforward. That is, until you get to channels.
At first, everything about channels seems confusing and unintuitive. Not many other popular programming languages have a similar concept, so channels are something you have to spend some time learning if you’re starting your journey with Go.
At the end of this article, you should have all you need to understand how channels work in Go.
There are lots of times where enums are useful, and sometimes even necessary.
Redux is a terribly simple library for state management, and has made working with React more manageable for everyone. However, there are a lot of cases where people blindly follow boilerplate code to integrate Redux with their React application without understanding all the moving parts involved.
There is an entire library, called react-redux, whose sole purpose is to seamlessly integrate Redux’s state management into a React application. I feel that it’s important to know what’s going on when you do something that essentially forms the backbone of your application.
Google Sheets provides an excellent interface for regular users to view and modify data. Wouldn’t it be great if we could use this data to power our Firebase application? Well, as it turns out, we can.
In this tutorial, we will be using Google Scripts to sync up the data in Google Sheets and store it in our Firebase Realtime Database.
Securing a web application is hard, but it’s also extremely important. There is so much to learn, and the learning curve is so steep, that newcomers to web development are often overwhelmed when they look at all that goes into making a simple login-authenticated website.
I made this crash course because I too faced a lot of trouble in learning and implementing most of the security features that come with standard web applications. This was because most of the resources on these topics are scattered and explained in a way not suitable for people just getting started.
This course (read: series of 7 blog posts) is aimed at newcomers who want to get up to speed with some of the most basic and important concepts like password management, session cookies, and some of the most common types of attacks. All posts are kept short, contain examples, and can be completed in a few days.
So, here it is:
- Sessions and cookies
- Password storage
- CORS (Cross origin resource sharing)
- XSS (Cross site scripting)
- CSRF (Cross site request forgery)
- SQL Injection
- Human Error and UI/UX design
These topics are compiled based on my experience in web development. If you have any feedback on a topic that is not covered, let me know in the comments!
Throughout my other posts on web security, we looked at everything that could go wrong with our application from a technical perspective. However, despite all our efforts to make our application objectively as secure as possible, there is still one thing we should keep in mind: our application is going to be used by humans, and humans invariably make mistakes.
Many potential adversaries are aware of this fact and use every opportunity to take advantage of it:
This is the closest I've ever come to falling for a Gmail phishing attack. If it hadn't been for my high-DPI screen making the image fuzzy… pic.twitter.com/MizEWYksBh — Tom Scott (@tomscott), December 23, 2016
This tweet was posted by Tom Scott, a guy who has posted multiple videos on security on the internet. If someone like him can almost fall for an attack like this, chances are, most non-technically oriented people will too.
We as developers should do our best to make sure our users are not fooled or put at risk by their own mistakes.
Here are a few tips you can implement on your website to save your users from themselves:
Cross site request forgery (CSRF or XSRF) is a type of attack where a request coming from one website is disguised so as to give the impression that it’s coming from another. An XSRF attack is especially deadly as it can go completely unnoticed by a user, and even by the server being targeted.
This post explains what causes CSRF attacks, and what you can do to prevent them as a developer.
Irrespective of what type of website you’re making, if there is a login and authentication involved, you will definitely be dealing with sessions and cookies.
One question that kept me wondering while learning about this myself was: How on earth does the server respond to every user’s requests uniquely? How does it know which user is sending each request?