Collaborate Disseminate
In my web app I’m using a good sanitizer which let’s me to whitelist some specific html tags.
I’d like to allow <iframe> so that users can insert youtube videos and so on.
However I’m worried about vulnerabilities that this approach … Continue reading What are the security risks of allowing users to add iframes?
Suppose that I know my server’s FQDN hostname is bobserver and the server is connected to Internet.
Is it possible for the outside world to find my server’s IP address by knowing only the hostname? If so, how?
Continue reading Can I find a remote IP by hostname? [closed]
In a REST API, I’d like to receive images as base64 encoded strings in a JSON objects fron user’s post and save them to disk using node.js fs module.
The request body are objects like:
{ file: ‘data:image/png;base64,iVBO… Continue reading What are the security concerns for base64 encoded JSON files?
This question already has an answer here:
Is an unknown directory structure considered security by obscurity? [duplicate]
1 answer
… Continue reading How insecure is a hidden admin url without authentication? [duplicate]
This question already has an answer here:
Is it safe to send clear usernames/passwords on a https connection to authenticate users?
8 answers
… Continue reading Is it safe to send password as url parameter when using ssl? [duplicate]