Collaborate Disseminate
I’m hosting a simple MariaDB/mySQL server on my Raspberry Pi. I would like to know whether or not this code is secure enough to reject an injection attempt made by login/signup, etc.
function secureUnInject() {
const str = String(argumen… Continue reading What’s an example of a good uninjection in Node.js? (mySQL)
Now this may seem like a stupid question, but it just occurred to me: How secure is base64 encoding compared to (plain) hashing?
Nobody can read base64 code by itself, but it still isn’t that hard to decode it:
atob("SomePasswordInBas… Continue reading Using base64 for secure encoding [duplicate]
From using Node.js for running an entire business, or just a personal home project, how secure really is it?
Having open ports, exposing the main file with personal info (nodemailer info, etc.) or anything else just seems like a bad idea.
… Continue reading How actually secure is Node.js? [closed]
I’ve been obsessed with figuring out Math.random in JavaScript and how it works. because how could you imagine a computer picking a random number? Where does the number come from?
But now I realized crypto.getRandomValues does not use rand… Continue reading How does `crypto.getRandomValues` work in JavaScript, and how is it different from `Math.random`?
From an article for the new Log4j vulnerability, it reads here:
A researcher working for Chinese tech firm Alibaba discovered the bug and privately informed the Apache Software Foundation, an all-volunteer corporation that develops and ma… Continue reading Is my MySQL Server (run by php/apache) affected by the Log4j vulnerability?
What if I was using the MySQL module in Node.js, and my syntax looked like this:
app.post("/", function(req, res) {
const data = req.body.data; // Say the user modified it to be "’; DELETE FROM users;
connection.query(`
… Continue reading NPM package for SQL injections?
I was wondering something about a day ago when I remembered that Apple stores notes in a database (so you can recover them or view them on icloud.com) – What if Apple stores your notes in plaintext?
I’ve heard you shouldn’t store passwords… Continue reading Is it bad practice to store passwords in iCloud notes?
I know that HTTP requests made by the site get the browser’s localStorage for a site, and document.cookie is encrypted for HTTPs websites, but I’m still wondering the risk of storing sensitive information, because even if the hacker got th… Continue reading Cookies VS localStorage (JavaScript Security)
Is it secure to send messages between a WebSocket Server and the Client?
An example of sending messages between a (Socket.io) server, is in Node.js:
socket.on("myMessage", function(msg) {
// "msg" is the message being s… Continue reading Is it secure to send messages between a WS Server and the client?
What’s the alternative to storing plain-text passwords in a Database?
For example, I’m using Node.js to get a POST request for signing up / logging in a user from a webpage.
When signing up a user, I get the parameters for the email and pa… Continue reading What’s the alternative to storing plain-text passwords in a MySQL Database?