DEV Community

Antony Garand

Security enthusiast, FullStack developer, challenge solver

All 96 comments

Fizz Buzz Solution JavaScript

Agreed, which is why I initially posted this comment! While i...

What are some interesting visualization libraries?

Something I would consider depending on the type of visualiza...

Fizz Buzz Solution JavaScript

How about a shorter one liner? Still using the ternary operat...

What is Cross-site Scripting (XSS) ? Types of XSS!

YouTube videos aren't always right, especially in smaller va...

What is Cross-site Scripting (XSS) ? Types of XSS!

Self XSS is when only the victim can hack themselves, suc...

What is Cross-site Scripting (XSS) ? Types of XSS!

Source of the first image in your post: Cloudflare - What is ...

Twitter accounts for Apple, Elon Musk and Bill Gates were hacked

According to this article by Vice, it was an employee who eit...

Bees? Viagra? Whaa?

Cleaning the hack itself is frequently not enough, as hacke...

Explain Angular to Me

Regarding state management, NGRX is the de-facto library fo...

Daily Challenge #100 - Round Up

And here I was, thinking we had to actually round up a number...

7 Most Popular Node.js Frameworks in 2019

Nest is actually platform-agnostic, for which the server wh...

Fonts across browsers

What font it is? If it’s externally loaded, such as google ...

Benefits of using the OpenAPI (Swagger) specification for your API?

In the javascript ecosystem, NestJS is absolutely amazing t...

Domain name

This is an advertisement for someone trying to sell you an ...

Domain name

Jappyjan is talking about EV certificates which definitely ...

Domain name

Of course it is, it uses the same encryption mechanism as e...

Domain name

Ssl is free with let’s encrypt for everyone, so it’s not mu...

My new home office setup

I didn't have much soldering experience, and none on a PCB!...

My new home office setup

DIY is the solution! I built mine for around 200$ CAD, wher...

My new home office setup

If I'm not mistaken, Ben's keyboard is a Das pro 4, which is ...

What is the oddest JavaScript behavior?

So many things! I made posts about my favorites, among whi...

What is the oddest JavaScript behavior?

This makes sense if you assume isNaN means is Not a number,...

Deploying a NestJS Application on AWS Beanstalk

Yes, this is correct, if you use start:prod as launch comma...

Interview Questions for the Javascript Developer: Hoisting, Prototypal Inheritance, and Attribute vs. Property

Few notes: Hoisting only happens with var and with functio...

Deploying a NestJS Application on AWS Beanstalk

The src folder is what I used in my project to store the so...

What's the quickest path into game development for a curious webdev?

I kind of felt the same for a while, but ended up doing gam...

JavaScript typed arrays: Unexpected overflow

I consider this a quirk for two reasons: In C/C++, the ...

Underrated Articles on Dev.to Last Week

This is the cover image, in the front matter of the page! ...

Fathom: An Open Source Google Analytics Alternative

There is also Matomo which has been there for a while now and...

Underrated Articles on Dev.to Last Week

You mean headers? dev.to/p/editor_guide#headers It's using ...

If/else or just if?

In this case, both examples are the exact same of course. ...

If/else or just if?

I prefer the first approach, it ensures all cases are cov...

Protecting Your React.js Source Code with Jscrambler

Note that this doesn't make the code secret, or impossible ...

Which conferences are you submitting CFPs to?

Hackfest, what else?

Dev.to has implemented Series! Series are cool! Coding Concepts is now a series! Cool!

Feel free to!

Dev.to has implemented Series! Series are cool! Coding Concepts is now a series! Cool!

If like me you were wondering how to create one, you need to ...

Enabling Dark Mode On Websites Based On Surrounding Light

Very nice! I'll try making a POC where the website becomes...

Why Facebook's api starts with a for loop

This was about 10 years ago, when CORS and CSP didn't exist

XSS in Ghost

But you can start a URL with quotes! Thanks to the url aut...

XSS in Ghost

Indeed! But spaces aren't the only way of escaping the attr...

XSS in Ghost

Indeed! The form is a very simple one, with only the confir...

Why Facebook's api starts with a for loop

No, this has been fixed about 10 years ago in the ECMA spec...

When is an array, not an array?

Yea, that's a nice way to trim the end of an array! Interes...

When is an array, not an array?

This weird behavior is caused by arrays, which are actually...

Why Facebook's api starts with a for loop

This is great! I've been following this newsletter since li...

Why Facebook's api starts with a for loop

So, after writing up a full article, including a reference ...

Why Facebook's api starts with a for loop

Thanks, just fixed it!

Why Facebook's api starts with a for loop

This is exactly it! As they load the string version of the ...

Why Facebook's api starts with a for loop

Cors wouldn't work on old browsers, and CORS is also used o...

Why Facebook's api starts with a for loop

Thanks for the feedback, updated the post so it's more clea...

Why Facebook's api starts with a for loop

This attack is used to steal data from another website. Sa...

Why Facebook's api starts with a for loop

In your webpage, you would do the following: <script&...

How do you use an SVG as background image without affecting security?

Don't use a base64'd version of the image, or anything usin...

How to set the language of a post?

I think you need to add it as a tag, so #japanese will cons...

Pwned Together: Hacking dev.to

This patch was also vulnerable ;) As the regex ended with ...

What JS Logging library / tool do you use?

Winston has been my daily driver for a while. Having differ...

Vim won't make you a more productive developer

The reason why I keep using and recommending vim to other d...

Today I Googled: How to Loop Videos on YouTube

No need for an extension, you can add a bookmark with somet...

List of Open-Source Software for Business, you and me

Google docs is not open source FYI

Who's looking for open source contributors? (September 4 edition)

BrawlDB is a website with stats, information and more on th...

Pwned Together: Hacking dev.to

I found the initial XSS within 15 minutes, but the variatio...

Pwned Together: Hacking dev.to

Nice one!

What happens when you submit an article?

If you want to understand MVC, either frameworks both frame...

The Ternary Operator vs The Conditional Operator WTF

Tldr: Binary operator = operator with two variables, su...

Pwned Together: Hacking dev.to

Without the website being open source, I would have to perf...

Security Tips for a PHP Application

You should also use password_needs_rehash once you verified a...

Handling Passwords

From this source: But realistically, this library is on...

Handling Passwords

The important part of hashing passwords is for them not to ...

Handling Passwords

Yes, encrypt the hash, with something strong. Preferably A...

From data leak to account takeover

Of course! After finding the vulnerability, I responsibly d...

SQL: Where spaces may not matter

I'm not that familiar with Oracle but based on this sqlFidd...

SQL: Where spaces may not matter

MySql, MSSql and oracle work from my experience

JavaScript Quiz Part 3

The + operator can either concatenate two elements or perfo...

JavaScript Quiz Part 3

How about []+{} == {}+[]?

Learn from others mistakes: How not to write a PHP install script

Did you send them an email regarding those first? Althou...

CORS, preflighted requests & OPTIONS method

The easiest option would be to avoid the preflight request a...

What happens when you type 'google.com' into a browser and press Enter?

The nonce attribute on a script tag is a CSP-related attrib...

Free website vulnerability scanner for developers

Disclaimer: You are the CEO of Hackmetrix, therefore this i...

Spot the malware

The scenario I am expecting here is for a website to be inf...

Spot the malware

Even there, you need to ensure the domain will be rendered ...

The Shell Introduction I Wish I Had

cd ~ - go to your root directory This should be home a...

Spot the malware

Check out my profile to find more, I've got few security-re...

I have $1,000 for use for technical stuff provided by my company, what should I get?

books Clean Code Clean Coder Clean Architecture Working e...

What tools are in your toolbox?

Nice list! I would add few of my daily drivers to this list...

I'm Addy Osmani, Ask Me Anything!

Hey Addy! Are you aware of performance issues related to s...

The dev.to codebase will go open-source on August 8

This is great! What is the current architecture of the pro...

JavaScript Quiz

Syntax error on 3 and 4, beware of trailing periods! Edit:...

The 7 Most Popular DEV Posts from the Past Week

Could we get the stats of our posts? I'd like to see how th...

How do you negotiate salary for remote jobs?

In my experience, it does if you move a long-distance (such...

How do you negotiate salary for remote jobs?

It should be a mix of where the company is and where you li...

PHP: Return true to win - WriteUp (Part 1)

Thanks!

PHP: Return true to win - WriteUp (Part 1)

This all depends on how you validate your user input! This ...

My commit message workflow

I usually use the first message from What The Commit, but I...

JavaScript: Equality insanity, or where x === 1 && x === 2

So many great horrible examples! I Love it

JavaScript: Watch out for unwanted hoisting!

Hey there, thanks for the feedback! This is not a "best pr...
