BestHub
Sign in
Tag

Web Security

0 views collected around this technical thread.

php中文网 Courses
php中文网 Courses
May 28, 2025 · Information Security

Understanding XSS Attacks and Prevention Methods in PHP

Cross‑Site Scripting (XSS) is a common web security vulnerability where malicious scripts are injected into pages, and this article explains typical PHP XSS scenarios, demonstrates code examples, and outlines effective mitigation techniques such as htmlspecialchars(), HTML Purifier, proper headers, secure cookies, CSP, and best practices.

Content Security PolicyPHPWeb Security
0 likes · 5 min read
Understanding XSS Attacks and Prevention Methods in PHP
Top Architect
Top Architect
May 21, 2025 · Frontend Development

Understanding Same‑Origin Policy and CORS in Web Development

This article explains the browser's same‑origin policy, its role in preventing XSS, CSRF and other attacks, details the protocol, host and port rules, illustrates with examples, and then describes CORS, simple and preflight requests, credential handling, and provides a complete request flow diagram.

CORSHTTPPreflight
0 likes · 17 min read
Understanding Same‑Origin Policy and CORS in Web Development
Spring Full-Stack Practical Cases
Spring Full-Stack Practical Cases
Apr 23, 2025 · Backend Development

Master Spring Boot 3 Filters: 8 Essential Built‑in Filters Explained

This article introduces Spring Boot 3's filter mechanism, outlines core functions and application scenarios, and provides detailed code examples for eight built‑in filters such as CharacterEncodingFilter, CorsFilter, and HiddenHttpMethodFilter, helping developers build secure and efficient web applications.

FilterJavaServlet
0 likes · 7 min read
Master Spring Boot 3 Filters: 8 Essential Built‑in Filters Explained
Architecture Digest
Architecture Digest
Apr 18, 2025 · Information Security

Understanding Same-Origin Policy, CORS, and Preflight Requests

The article explains the fundamentals of the browser's same‑origin policy, the security risks it mitigates, how Cross‑Origin Resource Sharing (CORS) works—including simple and preflight requests—and best practices for handling credentials and header restrictions.

CORSCross-OriginSame-Origin Policy
0 likes · 10 min read
Understanding Same-Origin Policy, CORS, and Preflight Requests
php中文网 Courses
php中文网 Courses
Apr 14, 2025 · Backend Development

Using PHP LDAP Functions for Connecting, Binding, and Authenticating Users

This article explains how to use PHP's LDAP functions to connect to an LDAP server, bind an account, and authenticate users, providing clear code examples for each step in a typical web application authentication workflow.

AuthenticationBackendDirectory Services
0 likes · 4 min read
Using PHP LDAP Functions for Connecting, Binding, and Authenticating Users
php中文网 Courses
php中文网 Courses
Apr 3, 2025 · Information Security

How to Defend Against CSRF Attacks Using PHP

This article explains the fundamentals of CSRF attacks, how they exploit authenticated users' cookies, and provides practical PHP techniques—including token generation and verification, request‑origin checks, secure cookie settings, and safe login/logout handling—to effectively protect web applications.

CSRFPHPWeb Security
0 likes · 6 min read
How to Defend Against CSRF Attacks Using PHP
Code Ape Tech Column
Code Ape Tech Column
Mar 23, 2025 · Information Security

Understanding QR Code Login: Principles, Token Authentication, and Process Flow

This article explains the fundamentals of QR code login, covering QR code basics, token‑based authentication, the step‑by‑step process from QR generation to device polling, scanning, confirmation, and token exchange, and discusses security considerations and implementation details for web, PC, and mobile platforms.

QR codeWeb Securitylogin
0 likes · 11 min read
Understanding QR Code Login: Principles, Token Authentication, and Process Flow
php中文网 Courses
php中文网 Courses
Mar 5, 2025 · Backend Development

PHP Session Management and User Authentication

This article explains PHP's session management mechanisms, basic session operations, security considerations, and various user authentication methods—including session‑based login, token‑based authentication, and password hashing—providing developers with practical guidance to build secure web applications.

BackendPHPSession Management
0 likes · 4 min read
PHP Session Management and User Authentication
Rare Earth Juejin Tech Community
Rare Earth Juejin Tech Community
Feb 24, 2025 · Frontend Development

Implementing a Hidden Auto‑Like Button on Facebook Using Frontend Techniques

This article demonstrates how to embed a hidden Facebook Like button that automatically registers likes as the user moves the mouse, using HTML, CSS positioning, JavaScript event handling, and the Facebook SDK, while keeping the element invisible to the user.

CSSFacebookJavaScript
0 likes · 4 min read
Implementing a Hidden Auto‑Like Button on Facebook Using Frontend Techniques
php中文网 Courses
php中文网 Courses
Jan 17, 2025 · Backend Development

Understanding PHP Session Management: Concepts, Functions, and Best Practices

This article explains the fundamentals of PHP session management, covering how sessions store and transmit user data across pages, essential functions like session_start() and $_SESSION, practical code examples, and common pitfalls to avoid for secure and efficient web applications.

Code ExamplePHPSession Management
0 likes · 6 min read
Understanding PHP Session Management: Concepts, Functions, and Best Practices
Top Architect
Top Architect
Jan 9, 2025 · Information Security

Understanding JWT Token Security and Mitigation Strategies

This article explains the fundamentals of JSON Web Tokens (JWT), compares token‑based authentication with traditional session methods, outlines common token security threats such as theft, replay and forgery, and provides practical measures—including HTTPS, encryption, secure storage, expiration policies, two‑factor authentication, and safe token refresh—to protect token integrity in modern web applications.

AuthenticationInformation SecurityJWT
0 likes · 12 min read
Understanding JWT Token Security and Mitigation Strategies
Baidu Geek Talk
Baidu Geek Talk
Jan 6, 2025 · Information Security

MarkupLM-based Detection of Malicious Content Scraping

The article presents a MarkupLM‑based approach that enriches BERT with XPath embeddings to jointly model webpage text and structure, enabling site‑level detection of malicious content‑scraping pages that bypass traditional rule‑based filters and demonstrating the critical role of structural cues in improving spam classification accuracy.

Document UnderstandingMarkupLMWeb Security
0 likes · 16 min read
MarkupLM-based Detection of Malicious Content Scraping
Top Architect
Top Architect
Dec 22, 2024 · Information Security

Understanding OAuth2.0: Principles, Architecture, and Implementation

This article provides a comprehensive overview of OAuth2.0, explaining its core concepts, the roles of resource owner, client, authorization server, and resource server, illustrating the full authorization flow with diagrams, clarifying related terminology such as authentication, delegation, and roles, and finally noting additional promotional material.

AuthenticationAuthorizationOAuth2.0
0 likes · 14 min read
Understanding OAuth2.0: Principles, Architecture, and Implementation
iKang Technology Team
iKang Technology Team
Dec 4, 2024 · Information Security

Best Practices for Upgrading HTTP to HTTPS in Enterprise Environments

Enterprises should follow a six‑phase plan—inventorying domains, securing and installing SSL certificates, configuring servers, redirecting traffic, updating links and sitemaps, testing, and finally enforcing HTTPS‑only access—while monitoring performance impacts such as latency, bandwidth, CPU load, and handshake overhead.

HTTPSSSLServer Configuration
0 likes · 9 min read
Best Practices for Upgrading HTTP to HTTPS in Enterprise Environments
Top Architect
Top Architect
Nov 26, 2024 · Information Security

Understanding Same-Origin Policy and CORS: Core Concepts, Simple Requests, and Preflight Mechanics

This article explains the same‑origin policy, its role in protecting browsers from XSS, CSRF and other attacks, illustrates how origins are defined with protocol, host and port, and details how CORS, simple requests and preflight requests enable controlled cross‑origin communication.

CORSCross-Origin RequestsPreflight
0 likes · 15 min read
Understanding Same-Origin Policy and CORS: Core Concepts, Simple Requests, and Preflight Mechanics
php中文网 Courses
php中文网 Courses
Nov 15, 2024 · Information Security

Best Practices for Securing PHP Applications

This guide outlines comprehensive, actionable steps for PHP developers to build secure applications by using the latest PHP version, enforcing HTTPS, sanitizing input, managing passwords, preventing XSS and CSRF, handling sessions, logging errors, securing file uploads, and applying the principle of least privilege.

PHPSecure CodingWeb Security
0 likes · 10 min read
Best Practices for Securing PHP Applications
php中文网 Courses
php中文网 Courses
Nov 14, 2024 · Information Security

Best Practices for Securing Laravel Web Applications

This article outlines essential Laravel security practices, including built‑in authentication, CSRF protection, input validation, HTTPS enforcement, secure session handling, regular dependency updates, and rate limiting, providing developers with concrete steps to protect web applications from common attacks.

AuthenticationCSRFHTTPS
0 likes · 6 min read
Best Practices for Securing Laravel Web Applications
37 Interactive Technology Team
37 Interactive Technology Team
Nov 11, 2024 · Information Security

Background, Definition, Structure, and Authentication Process of JWT (JSON Web Token)

JSON Web Token (JWT) is a compact, self‑contained, stateless token that encodes header, payload, and signature in Base64URL, enabling secure, signature‑verified authentication without server‑side session storage, simplifying scaling, supporting cross‑domain use, while offering advantages like lightweight extensibility and drawbacks such as revocation difficulty and secret‑key reliance.

AuthenticationAuthorizationJSON
0 likes · 16 min read
Background, Definition, Structure, and Authentication Process of JWT (JSON Web Token)
Rare Earth Juejin Tech Community
Rare Earth Juejin Tech Community
Nov 5, 2024 · Frontend Development

Comprehensive Guide to Using iframe in Web Frontend: Responsive Sizing, Dynamic Height, Cross‑Domain Communication, and Security

This article provides a detailed tutorial on iframe usage in web front‑end development, covering responsive sizing based on the parent window, dynamic height adjustment via postMessage, handling HTTP/HTTPS mismatches, cross‑origin issues, and security considerations such as X‑Frame‑Options.

Cross-OriginNginxResponsive Design
0 likes · 13 min read
Comprehensive Guide to Using iframe in Web Frontend: Responsive Sizing, Dynamic Height, Cross‑Domain Communication, and Security