Starting my journey here ๐ท To build things that make life a little smarter, prettier, and more human. Here to learn and share my journey with curiosity and consistency โจ
Tech + creativity = my happy place ๐ #LearningInPublic#WomenWhoCode#WomenInTech#TechJourney
Day2: Building Secured Applications
This is one of the MOST common real-world vulnerabilities.
And honestly:
many beginners accidentally create this vulnerability without realizing it.
Day2: Building Secured Applications
CSRF tokens ARE visible in frontend.
If user opens:
DevTools, Inspect, console, page source,they can see token.
Then Why Is It Still Secure?
Because:
only the CURRENT authenticated user/browser can access their own token.
Day1 : Building a Secured Application
If attackers already have the hash values from the database, canโt they just use those hashes as passwords?
The website login system does NOT say:
โGive me the hash.โ
It says:
โGive me the original password.โ
Then it verifies to match.
@rahidk85 The next concept might gonna be securing your session credentials, maybe the whole point of adding it to security series must be this. I hope it make sense! ;))
Day 1: Building a Secured Application
The real issue:
Whether input is treated as DATA or CODE.
Thatโs the entire security concept.
Separate SQL logic from user data!