Jul 8th, 2019
Hasty Treat - Front End Security
In this Hasty Treat, Scott and Wes talk about front end security and what to do in order to avoid getting hacked.
Sentry - Sponsor
If you want to know what's happening with your errors, track them with Sentry. Sentry is open-source error tracking that helps developers monitor and fix crashes in real time. Cut your time on error resolution from five hours to five minutes. It works with any language and integrates with dozens of other services. Syntax listeners can get two months for free by visiting Sentry and using the coupon code "tastytreat".
2:53 - SSL
- Encrypted transfer of information
- Digitally binds a cryptographic key to an organization's details
- Browser APIs such as webcam access and geolocation only work over HTTPS (a secure context)
6:15 - innerHTML
- React's dangerouslySetInnerHTML
- Name intentionally chosen to be frightening
- Allows you to write HTML to the DOM
- Data should be sanitized before it is used in the prop
- Sanitizing removes unexpected markup from the string
- Used to prevent cross-site scripting (XSS) attacks
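An added example (not code from the episode or from React) of the "sanitize before the prop" step: an allowlist sanitizer run over untrusted HTML, whose output is what ends up in dangerouslySetInnerHTML. The tag and attribute policy is hypothetical; in production use a maintained library such as DOMPurify.

```javascript
// Added example, not from the episode or React: an allowlist sanitizer run over
// untrusted HTML before the result is handed to dangerouslySetInnerHTML={{ __html }}.
// For production use a maintained library such as DOMPurify; this shows the idea.
const ALLOWED_TAGS = { b: [], i: [], em: [], strong: [], p: [], br: [], a: ['href'] }; // hypothetical policy

// Text is always escaped, so it can never open a new tag or attribute.
function escapeText(s) {
  return s.replace(/&/g, '&amp;').replace(/</g, '&lt;').replace(/>/g, '&gt;').replace(/"/g, '&quot;');
}

// Only http(s) and relative links survive; javascript: and data: URLs are dropped.
function safeHref(v) {
  const u = v.trim();
  return /^(https?:\/\/|\/|#)/i.test(u) ? u : null;
}

function sanitizeHtml(html) {
  const tokenRe = /<\/?([a-zA-Z][a-zA-Z0-9]*)\b([^>]*)>|<|[^<]+/g;
  const attrRe = /([a-zA-Z-]+)(?:\s*=\s*(?:"([^"]*)"|'([^']*)'|([^\s"'>]+)))?/g;
  let out = '';
  let skipping = null; // inside <script>/<style>: discard until the matching close tag
  for (const [tok, name, rawAttrs] of html.matchAll(tokenRe)) {
    const tag = name ? name.toLowerCase() : null;
    const closing = tok.startsWith('</');
    if (skipping) { if (closing && tag === skipping) skipping = null; continue; }
    if (!tag) { out += escapeText(tok); continue; } // text or a stray '<'
    if (!(tag in ALLOWED_TAGS)) { // unknown tag is dropped; script/style content too
      if (!closing && (tag === 'script' || tag === 'style')) skipping = tag;
      continue;
    }
    if (closing) { out += `</${tag}>`; continue; }
    let attrs = '';
    for (const a of rawAttrs.matchAll(attrRe)) {
      const key = a[1].toLowerCase();
      const val = a[2] ?? a[3] ?? a[4] ?? '';
      if (!ALLOWED_TAGS[tag].includes(key)) continue; // drops onerror, style, ...
      const safe = key === 'href' ? safeHref(val) : val;
      if (safe !== null) attrs += ` ${key}="${escapeText(safe)}"`;
    }
    out += `<${tag}${attrs}>`; // markup is rebuilt from parsed parts, never echoed
  }
  return out;
}

// The prop object React expects; sanitizing happens before the data reaches it.
function markup(untrusted) {
  return { __html: sanitizeHtml(untrusted) };
}
// Constructed sample: a user comment mixing legitimate markup with injections.
const SAMPLE = 'Hi <b>there</b> <img src=x onerror="alert(1)"><script>steal()</script><a href="javascript:alert(2)">x</a>';
```

The component would then render `<div dangerouslySetInnerHTML={markup(comment)} />`, with the raw string never reaching the DOM.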
10:25 - Don't trust the client
- The client can be manipulated to send any info to your server
- E-commerce example — don't take the price total from the front end to make the charge, DB call and calculate on the server
- Validate form inputs via HTML5 field validation and check data types again on the server
- Don't allow your users to send an object when it should just be a string
- Get this for free with GraphQL via types
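An added example (not code from the episode) of the e-commerce case above in server-side form: the client posts a cart together with its own "total", and the server ignores that total, looks prices up in its own data and rejects fields of the wrong type. It assumes Node.js; the CATALOG Map is a constructed stand-in for the DB call.

```javascript
// Added example, not from the episode: the e-commerce case in server-side form.
// The client posts a cart and its own "total"; the server ignores that total, looks
// prices up in its catalog and rejects fields of the wrong type. Assumes Node.js;
// the catalog Map is a constructed stand-in for the real DB call.
const CATALOG = new Map([
  ['sku-hat', 2500],   // prices in cents, constructed sample data
  ['sku-shirt', 4000],
]);

class BadRequest extends Error {}

// Shape check: every field must be exactly the primitive type the API expects.
function validateCart(body) {
  if (typeof body !== 'object' || body === null || Array.isArray(body)) {
    throw new BadRequest('body must be an object');
  }
  if (!Array.isArray(body.items) || body.items.length === 0) {
    throw new BadRequest('items must be a non-empty array');
  }
  return body.items.map((item, i) => {
    if (typeof item !== 'object' || item === null) throw new BadRequest(`items[${i}] must be an object`);
    // an object where a string belongs must never reach the DB query
    if (typeof item.sku !== 'string') throw new BadRequest(`items[${i}].sku must be a string`);
    if (!Number.isInteger(item.qty) || item.qty < 1 || item.qty > 100) {
      throw new BadRequest(`items[${i}].qty must be an integer from 1 to 100`);
    }
    return { sku: item.sku, qty: item.qty }; // only the validated fields survive
  });
}

// Amount to charge, computed entirely from server-side data.
function chargeAmount(body) {
  const items = validateCart(body);
  let total = 0;
  for (const { sku, qty } of items) {
    const price = CATALOG.get(sku); // the "DB call": the client never supplies a price
    if (price === undefined) throw new BadRequest(`unknown sku ${sku}`);
    total += price * qty;
  }
  return total; // body.total, whatever the client claimed, was never read
}

// Constructed sample request from a tampered client that claims the cart costs 1 cent.
const TAMPERED = { items: [{ sku: 'sku-hat', qty: 2 }, { sku: 'sku-shirt', qty: 1 }], total: 1 };
```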
13:41 - PCI Compliance
- Protect card holder data
- SSL or a secure iframe
- Encrypt transmission of card data
- Restrict access to card holder data
- Restrict physical access
- Front of front-end
16:44 - Tips
- Don't put a name attribute on sensitive fields if you are using JS
- HttpOnly cookies (not readable from JavaScript)
- Local Storage tokens (readable by any script running on the page)