Tips for Managing npm Dependencies

Part of the reason why Node.js is so appealing is that it allows for easy application extensibility; you focus on your core competencies, and if you need additional features or functionality, you can include them by adding dependencies. There are multiple downsides to the modularity of Node.js and the use of ...
HTTP Request Smuggling: A Primer

One of the security issues you might face with your website or web app is request smuggling. HTTP request smuggling is a security vulnerability that allows an attacker to interfere with the way a server processes the HTTP requests it receives. It allows attackers to bypass security controls and gain access ...
Mitigating NoSQL Injection Attacks: Part 2

This is the second part of a two-part series on NoSQL injections. Last time, we covered the anatomy of a NoSQL injection, as well as how to mitigate it. In this post, we will look at specific injection attack types, namely Server-Side JavaScript and Blind NoSQL injections. In our last article, ...
Mitigating NoSQL Injection Attacks: Part 1

In this first part of a two-part post series, we’ll reconstruct a NoSQL injection and cover the basics of mitigating it. In the second part, we’ll look at Server-Side JavaScript and Blind Injection attacks against NoSQL databases. If you’re not validating or escaping user-manipulated input properly, you may find malicious parties ...