Unique web app features become possible when developed as part of a robust framework. Software engineers choose the libraries and tools that best suit the final goal, and everything necessary to achieve it... (more…)

Hide a malicious JavaScript library in a PNG image and tweet it, then include it in a vulnerable website by exploiting a XSS bypassing its Content-Security-Policy (CSP). (more…)

We are dramatically increasing the installation speed of npm modules...

There are three ways to create variables in a JavaScript application: using var, using let, or using const. This will not be a post trying to convince you which one you should use, or arguing about what is best. It’s just good to know about the difference... (more…)

This website chronicles my folly and ramblings, currently centred in London, where I'm living and working. (more…)