What Is mTLS and How Does It Work? | Apr 30, 2020 | 162
Mutual TLS: Stuff You Should Know | Mar 19, 2020 | 161 | tls, protocols
Don’t Try to Sanitize Input—Escape Output | Feb 27, 2020 | 160 | sanitization, escaping
Encrypting DNS Query Bad for Performance? (erw) | Feb 20, 2020 | 159 | performance, dns, http, encryption
Apple Joins FIDO Alliance, Commits to Getting Rid of Passwords (zdn) | Feb 12, 2020 | 158 | apple, fido, passwords, authentication
How to Automatically Update Your JavaScript Dependencies (spa/clo) | Jan 30, 2020 | 157 | how-tos, javascript, dependencies, automation, processes
What SSL Is, and Which Certificate Type Is Right for You | Jan 29, 2020 | 156 | ssl, certificates, privacy, concepts
Usability and Security; Better Together (24w) | Dec 22, 2019 | 155 | usability, user-experience
Server-Side Includes (SSI) Injection (owa) | Dec 4, 2019 | 154 | ssi
How Internet Security Works: TLS, SSL, and CA (osd) | Nov 18, 2019 | 153 | tls, ssl, protocols, certificates
Web Feature Developers Told to Dial Up Attention on Privacy and Security (rip/tec) | Sep 11, 2019 | 152 | w3c, privacy, web-platform
Security and Privacy for Our Times (luk/w3c) | Sep 11, 2019 | 151 | privacy, web-platform
CSS Security Vulnerabilities (chr/css) | Sep 9, 2019 | 150 | css, privacy, vulnerabilities
Understanding Subresource Integrity (dre/sma) | Apr 9, 2019 | 149 | hashing, embed-code
W3C Strategic Highlights: Web for All (Security, Privacy, Identity) (w3c) | Mar 18, 2019 | 148 | w3c, privacy, authentication
Guide to Web Authentication | Jan 24, 2019 | 147 | websites, authentication, webauthn, javascript
It’s Beginning to Look a Lot Like XSSmas (24w) | Dec 17, 2018 | 146 | vulnerabilities, csrf, xss
Protecting Your Site With Feature Policy (rac/sma) | Dec 12, 2018 | 145 | http-headers, http
AWS Security Guide: 7 Best Practices to Avoid Security Risks | Oct 31, 2018 | 144 | guides, aws, best-practices
WebAuthn, FIDO2 Infuse Browsers, Platforms With Strong Authentication (dar) | Sep 19, 2018 | 143 | w3c, fido, authentication, webauthn, browsers
In Your Face, Passwords: Big Three Browsers All Adopt Authentication API | Aug 1, 2018 | 142 | authentication, webauthn, apis, edge, microsoft, chrome, google, firefox, mozilla, browsers
HTTPS Is Easy (tro) | Jun 27, 2018 | 141 | websites, http
WordPress Security as a Process (sma) | Jun 21, 2018 | 140 | wordpress, processes
Making Your Website Faster and Safer With Cloudflare | Jun 12, 2018 | 139 | performance, caching, cloudflare
Validating Dependencies in the Project With npm-check and depcheck | Jun 1, 2018 | 138 | dependencies, maintenance, auditing, tooling, npm
Third Party CSS Is Not Safe (jaf) | Feb 27, 2018 | 137 | html, css, embed-code
Attackers Can Steal Sensitive Data by Abusing CSS—CSS Exfil Vulnerability | Feb 7, 2018 | 136 | css, csp
Building Secure JavaScript Applications | Jan 18, 2018 | 135 | javascript, xss, csrf, json-web-tokens, passwords
Creating Secure Password Resets With JSON Web Tokens (sma) | Nov 9, 2017 | 134 | passwords, json-web-tokens, nodejs
The Complete Guide to Switching From HTTP to HTTPS (sma) | Jun 12, 2017 | 133 | guides, http
How (Not) to Control Your CDN (mno) | Jun 7, 2017 | 132 | content-delivery, caching, http
How to Secure WordPress With SSL | May 10, 2017 | 131 | how-tos, wordpress, ssl
Encrypting IP Addresses (ber) | May 7, 2017 | 130 | ip, network, privacy, encryption
How to Secure Your Web App With HTTP Headers (sma) | Apr 3, 2017 | 129 | how-tos, web-apps, http, http-headers, csp
Just Another HTTPS Nudge (chr/css) | Mar 3, 2017 | 128 | http
On EME in HTML5 (tim/w3c) | Feb 28, 2017 | 127 | eme, drm, html, legal, standards, w3c
Using SSH Securely (ann) | Jan 24, 2017 | 126 | ssh
More Than 300 Federal Gov Websites Fail to Meet Domain Encryption Deadline | Jan 4, 2017 | 125 | http, tls, protocols, encryption
Content Security Policy Level 2 (mik+/w3c) | Dec 15, 2016 | 124 | standards, csp
Content Security Policy, Your Future Best Friend (sma) | Sep 12, 2016 | 123 | csp, link-lists
A Refined Content Security Policy (web) | Aug 5, 2016 | 122 | html, csp, webkit, safari, apple, browsers
The Performance Benefits of “rel=noopener” (jaf) | Jul 21, 2016 | 121 | html, links, performance
Web Platform Security Boundaries (ann) | Jun 24, 2016 | 120 | web-platform
Subresource Integrity (dev+/w3c) | Jun 23, 2016 | 119 | hashing, html, standards
W3C Looks to Secure the Web (sdt) | Feb 17, 2016 | 118 | w3c, authentication
Distribution Packages Considered Insecure | Feb 13, 2016 | 117 | dependencies, unix-like
The Current State of Web Security (An Interview With Anselm Hannemann) (hel+/css) | Jan 18, 2016 | 116 | interviews, http, ssl, tls, encryption, cloudflare
Eliminating Known Vulnerabilities With Snyk (sma) | Jan 13, 2016 | 115 | vulnerabilities, tooling
10 Web Predictions for 2016 (cra) | Jan 6, 2016 | 114 | web, outlooks, site-generators, browsers, css, mobile, performance, webassembly, seo
HSTS and “Let’s Encrypt” (tka) | Jan 4, 2016 | 113 | http, http-headers, ssl
An in-Depth Look at CORS | Dec 17, 2015 | 112 | cors, javascript, php
Why Passwordless Authentication Works (cra) | Nov 10, 2015 | 111 | authentication, passwords
Introduction to TLS and SSL (ope) | Aug 22, 2015 | 110 | introductions, tls, ssl, protocols, certificates
A Simple Developer Error Is Exposing Private Information on Thousands of Websites (owe) | Jul 27, 2015 | 109 | version-control, git, mistakes, vulnerabilities
More Tips to Further Secure WordPress (eli) | Jul 9, 2015 | 108 | wordpress, tips-and-tricks, plugins
Improving Web Security With the Content Security Policy | Jun 24, 2015 | 107 | csp, http
Deprecating HTTP (yoa) | May 11, 2015 | 106 | http, protocols
Mozilla Wants to Deprecate Non-Secure HTTP, Will Make Proposals to W3C “Soon” (epr/ven) | Apr 30, 2015 | 105 | mozilla, http
Want Fancy Firefox Features? Secure Your Website (sts/cne) | Apr 14, 2015 | 104 | firefox, mozilla, browsers, http
WordPress Front End Security: CSRF and Nonces (css) | Mar 24, 2015 | 103 | wordpress, csrf
Introduction to WordPress Front End Security: Escaping the Things (css) | Mar 23, 2015 | 102 | introductions, wordpress, escaping
What Are the Security Risks of HTML5 Apps? | Mar 18, 2015 | 101 | web-apps, sanitization
Moving to HTTPS on WordPress (chr/css) | Mar 6, 2015 | 100 | wordpress, http
Same-Origin Policy (ann) | Feb 23, 2015 | 99 | cors, web-platform
Securing the Web (w3c) | Jan 23, 2015 | 98 | web-platform
It’s Time to Encrypt the Entire Internet (kli/wir) | Apr 17, 2014 | 97 | web, http, ssl, encryption
Cross-Origin Resource Sharing (ann/w3c) | Jan 16, 2014 | 96 | cors, standards
Despite Automatic Updates, Old Browsers Are Still a Problem (edb/zdn) | Jan 6, 2014 | 95 | browsers, web-platform, chrome, google, firefox, mozilla, internet-explorer, microsoft, safari, apple
Cross-Origin Resource Sharing on Track to Become a W3C Recommendation (sdt) | Jan 3, 2014 | 94 | w3c, cors, standards
Bid to Kill CAPTCHA Security Test Gains Momentum | Aug 5, 2013 | 93 | captcha, accessibility
We Should All Have Something to Hide | Jun 12, 2013 | 92 | privacy
Mobile Website Security | May 14, 2013 | 91 | mobile, hosting, policies
WordPress Security Tips | Apr 17, 2013 | 90 | wordpress, tips-and-tricks
Brad Hill: “HTML5 Security Realities” (chr/css) | Feb 22, 2013 | 89 | slides, xss, html
Bulletproof Your Drupal Website | Jan 21, 2013 | 88 | drupal
Top 10 PHP Security Vulnerabilities | Oct 15, 2012 | 87 | php, vulnerabilities
A Front End Engineer’s Manifesto (zac) | Aug 24, 2012 | 86 | websites, manifestos, user-experience, progressive-enhancement, simplicity, foss, accessibility, community, learning
A JavaScript Security Flaw | Aug 9, 2012 | 85 | javascript
The Secure Programmer’s Pledge | Jul 16, 2012 | 84 | manifestos
An Introduction to Content Security Policy (mik/dev) | Jun 15, 2012 | 83 | introductions, csp
Cross-Site Scripting Attacks (XSS) | Apr 30, 2012 | 82 | xss, examples
How to Secure Your WordPress Website (sma) | Nov 10, 2011 | 81 | how-tos, wordpress, link-lists
Using CORS (dev) | Oct 26, 2011 | 80 | cors
XML Encryption Flaw Leaves Web Services Vulnerable (eur) | Oct 24, 2011 | 79 | web-services, xml, encryption
Some Notes on the Recent XML Encryption Attack (w3c) | Oct 24, 2011 | 78 | xml, encryption
HTTPS Is More Secure, So Why Isn’t the Web Using It? (ars) | Mar 20, 2011 | 77 | http, protocols, web
Web Cryptography: Salted Hash and Other Tasty Dishes (ali) | Feb 22, 2011 | 76 | cryptography
What Are the JSON Security Concerns in Web Development? (sim) | Jan 6, 2011 | 75 | json
What Is Cross Site Scripting or XSS? (chr/css) | Nov 19, 2010 | 74 | xss, javascript, concepts
Web Developers Accountable for HTML 5 Security | Oct 5, 2010 | 73 | html
HTML5 Raises New Security Issues | Aug 20, 2010 | 72 | html, browsers
10 Useful WordPress Security Tweaks (sma) | Jul 1, 2010 | 71 | wordpress
Web Security: Are You Part of the Problem? (cod/sma) | Jan 14, 2010 | 70 | vulnerabilities, php, javascript
Full Frontal ’09: Chris Heilmann on JavaScript Security (mic/aja) | Nov 20, 2009 | 69 | javascript
Finally Something to Get a Few More Users Off of IE 6? (dal/aja) | Dec 17, 2008 | 68 | internet-explorer, microsoft, browsers
The Internet Is Closing to Innovation (zit/new) | Nov 28, 2008 | 67 | web
You Could Be Getting Clickjacked (tec) | Nov 21, 2008 | 66 | vulnerabilities, frames, w3c
Video and Audio Tags and Cross Origin Access (dal/aja) | Nov 10, 2008 | 65 | html, multimedia
Dumb Security Tips: Think Before You Follow Online Guides (tan) | Oct 26, 2008 | 64 | tips-and-tricks
Simon Willison, @Media Ajax (mic/aja) | Sep 16, 2008 | 63 | ajax, xss, csrf, javascript, json
Evil GIFs: Hiding Java in Your Image (dal/aja) | Jul 4, 2008 | 62 | gif, images, java
Internet Explorer 8 Promises Better Standards Compliance… and a Whole Lot More (est/cio) | Mar 6, 2008 | 61 | internet-explorer, microsoft, browsers, standards
JavaScript Security Experiments (mar) | Feb 7, 2007 | 60 | javascript, experiments
DOM vs. Web (mno) | Apr 20, 2006 | 59 | http, dom
Top 7 PHP Security Blunders | Dec 21, 2005 | 58 | php, databases, sql
Validate Your Input! | May 9, 2005 | 57 | validation
JavaScript Security | Oct 4, 2004 | 56 | javascript
File Upload Security (lac) | Sep 8, 2004 | 55 | html, file-handling
Spot the Security Hole | Jul 3, 2004 | 54 | php
JavaScript and Security (sim) | Apr 19, 2004 | 53 | javascript
Handling Content From Strangers | Mar 26, 2004 | 52 | content
Web Services Security Gets Serious | Apr 23, 2003 | 51 | web-services
Getting Started With XML Security | Nov 28, 2002 | 50 | introductions, xml
Sorting Out the Web Services Security Landscape (tec) | Aug 28, 2002 | 49 | web-services, ssl, w3c
SSL Checker (EXPERTE.com) | 48 | tools, analysis, ssl, certificates
ASCII to Unicode Encoder and Decoder | 47 | tools, exploration, conversion, unicode, encoding
security.txt Generator | 46 | tools, exploration, content
WebRTC and IP Address Leak Checker | 45 | tools, exploration, network, webrtc, ip, protocols
Website Headers Analyzer (Dries Buytaert) (dri) | 44 | tools, analysis, http, http-headers
User Identity Generator | 43 | tools, exploration, placeholders, randomness
Subresource Integrity Hash Generator (moz) | 42 | tools, exploration, hashing
SSL Client Checker | 41 | tools, exploration, ssl, tls
SPF Record Generator | 40 | tools, exploration, dns, domains
SHA-512 Hash Generator | 39 | tools, exploration, hashing
Security Leak Victim Checker | 38 | tools, exploration
Password Security Checker | 37 | tools, exploration, passwords
Password Security Checker and Generator | 36 | tools, exploration, passwords
Password Generator (Gibson Research Corporation) | 35 | tools, exploration, passwords
Password Generator (Frontend Dogma) (fro) | 34 | tools, exploration, frontend-dogma, passwords
Password Generator (Arantius.com) | 33 | tools, exploration, passwords
MD5 Hash Generator | 32 | tools, exploration, hashing
HMAC Checker | 31 | tools, exploration
Hash Generator | 30 | tools, exploration, hashing
Executable File Analyzer | 29 | tools, exploration
Device Vulnerability Checker | 28 | tools, exploration, vulnerabilities
CSR Decoder | 27 | tools, exploration
“chmod” Calculator | 26 | tools, exploration, permissions
Browser Fingerprint Checker | 25 | tools, exploration, browsers
Blowfish Hash Generator | 24 | tools, exploration, hashing
AES Encrypter and Decrypter | 23 | tools, exploration, encryption
Website Security Checker (Norton) | 22 | tools, analysis
Website Security Checker (Google) | 21 | tools, analysis
Website Scam Checker | 20 | tools, analysis
Website Headers Analyzer (Security Headers) | 19 | tools, analysis, http, http-headers
Website Headers Analyzer (Mozilla) (moz) | 18 | tools, analysis, http, http-headers
Website Certificate Fingerprint Checker | 17 | tools, analysis, certificates
Virus Scanner | 16 | tools, analysis
SSL Checker (SSL Shopper) | 15 | tools, analysis, ssl, certificates
SSL Checker (Qualys) | 14 | tools, analysis, ssl, certificates
SPF Record Checker | 13 | tools, analysis, dns, domains
Site and Origin Comparer | 12 | tools, analysis, comparisons
Malware and Security Scanner | 11 | tools, analysis
Email Blacklist Checker | 10 | tools, analysis, email
Domain or IP Spam Checker | 9 | tools, analysis, domains
DNSSEC Checker | 8 | tools, analysis, dns
Cross-Site WebSocket Hijacking Tester | 7 | tools, analysis
Cookie Use Checker | 6 | tools, analysis, cookies
Content Security Policy Validator (Google) | 5 | tools, analysis, csp, conformance
Content Security Policy Validator (CSP Validator) | 4 | tools, analysis, csp, conformance
Abuse Contact Lookup | 3 | tools, analysis, policies
Server Port Scanner | 2 | tools, analysis, network, servers
Website Experience Analyzer | 1 | tools, analysis, performance, user-experience