As developers, we spend a large amount of time in our ‘Terminal’ / ‘Shell’.
Although there are multiple available shells such as ‘zsh’, ‘ksh’ and others — ‘bash’ is one of the most popular ones and often the default.

I realized that I would often view the ‘current Git branch’ OR the ‘current working directory’ by running the git branch and pwd commands respectively.
However, these can be embedded right in the prompt itself by customizing it.

Below was the final result post customization:

As you can see, the ‘current working directory’ is shown in yellow, whereas the ‘current Git…

What:

Cross-site scripting (XSS) is a type of attack in which malicious scripts are injected into a trusted website. It typically occurs due to lack of input sanitization and further rendering of this unsafe input, in a web application.

There are primarily two types:

  1. Stored / Persistent XSS:

In this type of XSS, there is no explicit action required from the victim, since the injected script is permanently stored on the target server(s). The victim unknowingly retrieves the malicious script from the server, when requesting for other information.

How:

There is a forum page, which displays the most recent comment on a…

As per the Wikipedia definition:
HTTPS or HTTP Secure is an extension of the Hypertext Transfer Protocol (HTTP) for secure communication over a computer network.

It is what manifests itself as the green padlock icon that can be seen in the ‘Address Bar’ of your browser, when visiting any website that supports HTTPS eg — Medium.

HTTPS on Medium

In HTTPS, there is encryption using Transport Layer Security (TLS) or Secure Sockets Layer (SSL), which was the predecessor.
TLS was introduced in 1999, and is based off SSL 3.0.

SSL / TLS aim to provide both privacy (using encryption) and identification (trusting the…

Cross-Site Request Forgery also known as CSRF / XSRF is an HTTP level vulnerability.

In a CSRF attack, an attacker tricks the user into visiting a different web-page (eg — evil.com) with malicious code that secretly sends a request to the application’s web server (eg — abc-bank.com ).

Here’s a scenario of how it could happen:
Let’s say the user is logged into the application at abc-bank.com. The user opens and email and clicks a link to evil.com, which opens in a new tab.

The evil.com page immediately sends a malicious request to abc-bank.com. This could for example be a…

Naman Sancheti

Frontend Engineer — II @Amazon • Ex @MorganStanley • Ex @Delhivery • Posts are my own • Web: namansancheti.in • Twitter: @namans_26

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store