
Dev.to · Stefan
🔐 Cybersecurity
⚡ AI Lesson
3d ago
Real-World CVE HTTP Request Smuggling Apache mod_proxy Example
A reproducible walkthrough of CVE-2022-26377, a request smuggling desync in Apache mod_proxy_ajp, plus the upstream patch and config hardening that close it.

Dev.to · Stefan
6d ago
OWASP Secure Coding Checklist for Node Express APIs 2026
A practical OWASP-aligned secure coding checklist for Node.js and Express APIs in 2026, covering auth, input validation, logging, and safe defaults.

Dev.to · Stefan
1w ago
How to Prevent Prompt Injection in LangChain Python Apps
A practical guide to defending LangChain Python apps against prompt injection, with attack examples and layered mitigation patterns.

Dev.to · Stefan
1w ago
Fix HTTP Parameter Pollution: Spring Boot REST API Code Review
A code review walkthrough for fixing HTTP Parameter Pollution in a Spring Boot REST API, with vulnerable and patched controller examples.

Dev.to · Stefan
2w ago
System Prompt Leakage vs Prompt Injection in Spring Boot AI
Compare system prompt leakage and prompt injection in Spring Boot AI apps: how each attack works, key differences, and concrete fixes.

Dev.to · Stefan
4w ago
Detect Prototype Pollution in JavaScript: Code Review Checklist
A practical code review checklist to detect prototype pollution in JavaScript: dangerous patterns, safe fixes, and review questions for reviewers and authors.

Dev.to · Stefan
1mo ago
Building a Poker App Changed How We Think About Poker
When we started building a poker selection app, we thought the hardest part would be the technical...

Dev.to · Stefan
1mo ago
Django Session Cookie vs localStorage JWT Security Comparison
A side-by-side security analysis of Django session cookies vs localStorage JWTs, covering XSS exposure, CSRF, revocation, and safer defaults.

Dev.to · Stefan
🔧 Backend Engineering
⚡ AI Lesson
1mo ago
GraphQL Authorization Bypass: A Real CVE Code Review
Walk through a real-world GraphQL authorization bypass CVE with annotated code review, showing the broken resolver pattern and a verified fix.

Dev.to · Stefan
📋 Product Management
⚡ AI Lesson
1mo ago
The Problem with Most Productivity Apps (And How We Tried to Fix It)
I've used a lot of productivity apps. Task managers, habit trackers, time loggers, spreadsheets with...

Dev.to · Stefan
1mo ago
Real-World CVE XSS Exploit in Django Template Engine
Walk through a real CVE-class XSS in Django templates: the unsafe pattern, a working payload, the patched code, and review checks to catch it.