Web Development Security

Knowledge base of practical and applicable Web development security. This directory is about the information and defensive aspect of web hacking, for the offensive aspect visit /hacking.

The dangers of trusting HTTP headers
HTTP headers can be set by users and they can be very dangerous if you are using their values anywhere in the application logic, or are writing or storing (and eventually writing) their values anywh...
Nov 14, 2019
What are SameSite cookies?
Cookies without the SameSite attribute will be submitted to the "owner website" even when requests originate from other websites. Unless that's what you want (for analytics, tracking etc.,) make sur...
Dec 24, 2019

Hage Yaapa