I’ve been exploring a couple of different options when it comes to serverless authentication providers, and I was both pleased and surprised to find how little …

Let’s take a look at how we can quickly hash out a correct two-factor authentication (2FA) solution for our web applications. First off, let’s work out the …

The Content-Security-Policy header is a bit frightening — will I break my website if I suddenly start blocking requests for external resources? In this article we go over a gradual approach to adopting CSP.

Earlier this year my team at Snyk added an interesting Cross-Site Scripting (XSS) vulnerability to our database, in the popular marked package. The vulnerability is …

I’ve recently upgraded Pony Foo to use the https protocol, something I’ve been meaning to do for a while. It’s super easy to do so, and …