• Simple Explanation of XSS Attacks

    Cross-Site Scripting attack (XSS), is one of the top 10 OWASP most critical web application security risks.
    As a developer I pay extra attention to this attack, because it is 100% caused by a vulnerable code, and it is 100% developer responsibility to protect against this attack.

    read more ...
    Hadoop and Map Reduce - Part 3

    The chances are, the most common software you will hear about while you are navigating the Big Data World, is Hadoop.
    Hadoop by itself, is very important and widely used computational platform, and adding to that, it is the base of other software, technologies and applications that are built on top of it.
    Lots, and lots of important technologies, and software in different domains and business are built on Hadoop.
    Hadoop is complex and its computational framework MapReduce is complex, but the good news is there is a good chance that you can use all of the technologies that are built on Hadoop without the need to learn or deal with Hadoop at all.
    In spite of that, still understanding the basic concepts of Hadoop will give you a boost in the Big Data World, becuase you will encounter its concepts in other technologies and software.

    read more ...
    Advanced HTTPS

    Adding an SSL Certificate and enabling HTTPS on your web site is not the end of the road for securing your website, and securing the communication to your website.
    It is just the start, and you need to do more steps related to HTTPS to guarantee your site safety, and your visitor safety. In this post I am going to describe:

    1. TLS and its algorithms in more depth.
    2. Insecure protocols, and algorithm.
    3. Best algorithm combination.
    4. Redirect from HTTP using HSTS.

    read more ...
    Universal (Isomorphic) React Application. Beyond the basics.

    I decided to write this post, because I didn’t find any blog post, article, or a tutorial that will sum up for developers what the issues they are going to face when they build a universal application.
    If you googled a tutorial on how to build a universal react application, you will find a lot, but most of them are just covering the surface, hello-world examples. But as you go further, or even you decided to use one of the universal frameworks/boilerplate, you will start to face some issues and difficulties.

    read more ...
    Redux Vs. MVC, Why and How?

    In last two or three years, we started to see the rise of Redux-based (or Unidirectional data flow architecture in general) in the user interface side of the applications, and the slowly decline of MVC based architecture in the UI side.
    What Redux has of advantages over MVC, and what problems it solves? I am going to show what the benefits of Redux over MVC.
    Redux library by itself is not enough to build a whole system, and this is why there is an ecosystem developed around Redux. I am going to show the basic ecosystem needed to build a Redux application, or the essential building blocks of a any redux-based application.

    read more ...