curiousBoy – WindowsTechs.com

Is Antiforgery Validation really needed for Login page when external return URL is not allowed?

Posted on February 17, 2022 by curiousBoy

I fallen in a scenario that

User opens two tabs for login page and try to login on both

Instead of showing an error message to user (I can’t think of a good meaningful message to explain antiforgery validation to end user anyways), I wan… Continue reading Is Antiforgery Validation really needed for Login page when external return URL is not allowed?→

How to ensure the third party CDN is secure (and stays secure)?

Posted on April 24, 2018 by curiousBoy

Most of the modern applications are using CDN for third party libraries. For example, let’s say I use xxxv2.min.js from cdn.example.com/xxxv2.min.js
Everything is good, until the day that company has been hacked and their min… Continue reading How to ensure the third party CDN is secure (and stays secure)?→