Foreword In this article, the author will focus on custom hooks in React and tell you about the concept of custom hooks and how we can design and write custom hooks… Introduction Custom hooks are an extension based on React Hooks. We can develop combined hooks that meet business needs according to business needs, focusing […]
Tag: uri
“Ensuring Security: PostgreSQL Security Configuration and Best Practices”
Blogger Maotouhu () takes you Go to New World? Maotouhu recommends a list of essential technology stacks for programmers: ? Full Stack Technology Full Stack: MERN/MEAN/MEVN Stack | Jamstack | GraphQL | RESTful API | ? WebSockets | CI/CD | Git & Version Control | DevOps Front-end technology Frontend: ? HTML & amp; CSS | […]
Couleur (chairman tree + heuristic splitting)
I learned dsu on tree a long time ago, but I didn’t expect heuristic splitting Couleur Question meaning: Given a sequence, one operation can invalidate one position. Given the sequence of operations (hidden through XOR, forced online), find the maximum number of reverse sequences in the continuous sub-interval without invalid positions after each operation. Each […]
JWT security and practical cases
Article directory JWT security 1. Cookies 2.Session 3.Token 4.JWT 4.1 JWT Overview 4.1.1 JWT header 4.1.2 Payload 4.1.3 Signature Hash 4.1.4 Communication process 4.2 JWT vulnerability description 4.3 JWT vulnerability principle 4.4 JWT security defense 5. WebGoat shooting range experiment 5.1 The fourth level 5.2 The fifth level 5.3 The seventh level 6. CTFHub real […]
JWT security and practical cases
Article directory 1. JWT (json web token) security 1. Cookie (placed in browser) 2. Session (put on the server) 3.Token 4. JWT (json web token) 4.1 Head 4.1.1 alg 4.1.2 type 4.2 payload 4.3 Signature 4.4 Communication process 5. Defense measures 2. Vulnerability example (webgoat) 1. Level 4 2. Level 5 3. Level 7 1. […]
“Network Security” How to build a MySQL malicious server to read files?
Foreword Note: This article does not involve research on MySQL protocol messages. It only explains the principles and does some demonstrations. Although the threshold for direct use of building a MySQL malicious server to read files is relatively high, I personally feel that it is relatively new because I saw a relatively new way of […]
Detailed ideas and process of configuring ModSecurity on Nginx under Ubuntu
Here is an introduction: Ubuntu is a linux operating system, Nginx is a web server software, and ModSecurity is an open source web application firewall (called “WAF” by people in the world). If you don’t have a certain understanding of the above concepts, you can actually read the following content. It’s just not easy to […]
Comparison of Java class file security encryption tools and practical use of ClassFinal
Article directory Preface Comparison of common encryption schemes XJar ProGuard ClassFinal ClassFinal actual combat Pure command mode maven plug-in method write at the end Foreword I believe that many students develop software for user commercialization. Many of these commercially operated projects will be deployed directly on the customer side, which may lead to the leakage […]
Content-Security-Policy
Introduction: The HTTP response header Content-Security-Policy allows site administrators to control which resources the user agent can load for a given page. It is mainly aimed at the execution of js code and defense against xss. There are many CSP setting parameters. Here we will explain the commonly used parameters and content to deepen the […]
Identity Authentication + Access Control for Linux Security Reinforcement
1. Identity authentication configuration: 1.1 Creation and management of user groups: Create a user group: Use the command ??groupadd ?? to create a new user group. Delete a user group: Use the command ??groupdel ?? to delete a user group. Modify a user group: Use the command ??groupmod ?? to modify the attributes of a […]