Web Security 12
Digital Signature using Web Cryptography API
This post is a part 4 of Web Cryptography API Tutorial post series. ⎘ Next post in the series is Passphrase Based Encryption using Web Cryptography API. ⎗ Previous post in the series is Asymmetric Encryption using Web Cryptography API. Suppose person A sends a document to person B. Person A doesn’t want Person B […]
Asymmetric Encryption using Web Cryptography API
This post is a part 3 of Web Cryptography API Tutorial post series. ⎘ Next post in the series is Digital Signature using Web Cryptography API. ⎗ Previous post in the series is Symmetric Encryption using Web Cryptography API. In this tutorial I will show you code example of how to generate keys of asymmetric […]
Symmetric Encryption using Web Cryptography API
This post is a part 2 of Web Cryptography API Tutorial post series. ⎘ Next post in the series is Asymmetric Encryption using Web Cryptography API. ⎗ Previous post in the series is Hashing using Web Cryptography API. In this tutorial I will show you code example of how to generate public key of symmetric […]
Hashing using Web Cryptography API
This post is a part 1 of Web Cryptography API Tutorial post series. ⎘ Next: Symmetric Encryption using Web Cryptography API. In this tutorial I will show you code example of how to produce hash of data using Web Cryptography API. Converting String to Array Buffer and Array Buffer to Hexadecimal String If you need […]
Web Cryptography API Tutorial
This post is a part 23 of Advanced JavaScript APIs post series. Web Cryptography API provides JavaScript interfaces to perform cryptography operations like hashing, symmetric & asymmetric encryption and generating & verifying digital signatures. In this tutorial I will introduce you to the fundamentals of cryptography and Web Cryptography API. Uses of Web Cryptography API […]
How does Google’s No CAPTCHA reCAPTCHA work?
Many websites have started integrating Google’s new No Captcha reCaptcha. It has a better anti-bot protection and user experience. Most don’t know how it actually works. In this article I will explain various techniques used by Google to detect bots. Is is a check box? Google asks users to click the check box to verify […]
Introduction to Subresource Integrity
Web technologies like TLS, HSTS and pinned public keys make sure that webpage resources are downloaded from the correct host. But these methods fail to verify if the downloaded resource is manipulated or not. For example, a attacker having access to the resource server can manipulate the resource(make it vulnerable to the app) and this […]
Preventing CSRF Attacks In WordPress Using Nonces
WordPress nonces are a great way to protect from CSRF attacks which is very common throughout the web. In this article I will explain what is CSRF attacks and how to prevent these attacks in wordpress using nonces. What is CSRF Attacks? CSRF (Cross Site Request Forgery) is a type of attack in which requests […]
How Does HTTP Authentication Work?
We all use cookies to create a authentication system. But most of us don’t know that HTTP provides a authentication model which can be implemented within minutes by writing little code. In this post we will look at creating a authentication system using HTTP’s built in mechanism. What is HTTP Authentication? Authenticating users using HTTP’s […]
Most Viewed
My Books
Most Commented