
Cypress

Cypress is an open-source end-to-end testing framework designed for web development. It allows developers to write automated tests for web applications that run directly in the browser. Unlike traditional testing frameworks where tests are run outside of the browser, Cypress enables debugging and testing of applications in real-time.

Some of the key features of Cypress include:

  1. Easy Setup: Cypress is easy to set up and doesn't require additional drivers or configurations.

  2. Simple API: Cypress provides a simple and intuitive API that makes writing tests easier.

  3. Direct Access to the DOM: Developers have direct access to the DOM and can test applications using jQuery or other DOM manipulation libraries.

  4. Automatic Waiting: Cypress automatically waits for DOM elements and network requests, improving test stability.

  5. Snapshot and Time Traveling Features: Developers can take snapshots of tests and travel back in time to see how their application behaves at different points in time.

Cypress is often preferred by developers building modern web applications as it provides a user-friendly testing environment and can be tightly integrated into the development process.

 


Selenium

Selenium is an open-source tool primarily used for automated testing of web applications. It provides a suite of tools and libraries that enable developers to create and execute tests for web applications by simulating interactions with the browser.

The main component of Selenium is the Selenium WebDriver, an interface that allows for controlling and interacting with various browsers such as Chrome, Firefox, Safari, etc. Developers can use WebDriver to write scripts that automatically perform actions like clicking, filling out forms, navigating through pages, etc. These scripts can then be executed repeatedly to ensure that a web application functions properly and does not have any defects.

Selenium supports multiple programming languages like Java, Python, C#, Ruby, etc., allowing developers to write tests in their preferred language. It's an extremely popular tool in software development, particularly in the realm of automated testing of web applications, as it enhances the efficiency and accuracy of test runs and reduces the need for manual testing.

 


CockroachDB

CockroachDB is a distributed relational database system designed for high availability, scalability, and consistency. It is named after the resilient cockroach because it is engineered to be extremely resilient to failures. CockroachDB is based on the ideas presented in the Google Spanner paper and employs a distributed, scalable architecture model that replicates data across multiple nodes and data centers.

Written in Go, this database provides a SQL interface, making it accessible to many developers who are already familiar with SQL. CockroachDB aims to combine the scalability and fault tolerance of NoSQL databases with the relational integrity and query capability of SQL databases. It is a popular choice for applications requiring a highly available database with horizontal scalability, such as web applications, e-commerce platforms, and IoT solutions.

 


Stub

A "stub" is a term used in software development to refer to an incomplete part of a program or an incomplete function. Stubs are often used as placeholders to simulate or represent a specific functionality while it's not fully implemented yet. They can be used in various stages of development, such as early planning or during the integration of different parts of software. Stubs help developers to test or develop parts of software without having all dependent components available yet.

 


Mock

A "mock" is a term in software development that refers to a technique where a simulated object or module is created to mimic the behavior of a real component. Mocks are commonly used in testing environments, particularly in unit tests.

Here are some key points about mocks:

  1. Simulating Dependencies: In a typical software application, modules or objects may depend on each other. However, when you want to test a component in isolation without being influenced by other dependent components, you can use mock objects to simulate the behavior of these other components.

  2. Simple Implementation: Mocks are often simple placeholders or stubs used to mimic specific functions or methods. They are specifically designed for testing purposes and often contain predefined behaviors to simulate certain scenarios.

  3. Control Over Testing Environment: By using mocks, developers can have better control over the testing environment and simulate specific conditions or edge cases more easily. This increases the predictability and reproducibility of tests.

  4. Reducing External Dependencies: Using mocks can help avoid or reduce external dependencies, such as databases or APIs, increasing test speed and making tests more independent.

Mocks are an important tool in a software developer's toolkit, especially when it comes to writing tests that are robust, maintainable, and independent of each other.

 


CSRF Token

A CSRF token (Cross-Site Request Forgery token) is a security measure used to prevent Cross-Site Request Forgery (CSRF) attacks. CSRF is a type of attack where an attacker tricks a user into performing unwanted actions in a web application while the user is already logged into the application.

The CSRF token is a randomly generated value assigned to each user during their session. This token is typically carried as a hidden field in web forms or as part of URL parameters in AJAX requests. A token placed in a URL can leak through server logs, browser history and the Referer header, so a hidden form field or a custom request header is the safer carrier. When the user performs an action, the web application checks if the submitted CSRF token matches the expected token. If the tokens match, the request is considered legitimate and processed. Otherwise, the request is rejected.

By using CSRF tokens, web applications can ensure that the actions performed originate from the authorized user and not from an attacker attempting to exploit a user's session. This helps to maintain the integrity and security of the application.
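The issue-and-check cycle described above, as an added Node.js example (not code from the original page). The in-memory session store, the session ids and the plain `req` object are assumptions made for the illustration.

```javascript
const crypto = require("node:crypto");

// In-memory session store (constructed for the example): sessionId -> token.
const sessionTokens = new Map();

// Issue one unpredictable token per session, as the paragraph describes.
function issueCsrfToken(sessionId) {
  const token = crypto.randomBytes(32).toString("base64url");
  sessionTokens.set(sessionId, token);
  return token;
}

// Compare without leaking, through timing, how many leading bytes matched.
function tokensMatch(expected, submitted) {
  if (typeof expected !== "string" || typeof submitted !== "string") return false;
  const a = Buffer.from(expected);
  const b = Buffer.from(submitted);
  // timingSafeEqual throws on unequal lengths, so check that first.
  return a.length === b.length && crypto.timingSafeEqual(a, b);
}

// Methods that must not change state and therefore need no token.
const SAFE_METHODS = new Set(["GET", "HEAD", "OPTIONS"]);

// Decide whether a request may proceed. `req` is a plain object here:
// { method, sessionId, csrfToken }, where csrfToken is the value taken from
// the hidden form field or a request header.
function checkCsrf(req) {
  if (SAFE_METHODS.has(req.method)) return { allowed: true, reason: "safe method" };
  const expected = sessionTokens.get(req.sessionId);
  if (!expected) return { allowed: false, reason: "no session token" };
  if (!tokensMatch(expected, req.csrfToken)) {
    return { allowed: false, reason: "token mismatch" };
  }
  return { allowed: true, reason: "token valid" };
}
```

A forged cross-site request carries the victim's session cookie but cannot read the token, so it arrives with a missing or wrong `csrfToken` and is rejected.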

 


Web Application Firewall - WAF

A web application firewall (WAF) is a security solution that has been specially developed to protect web applications. It monitors traffic between web browsers and web applications to detect and block potentially harmful or unwanted activity. Essentially, a WAF acts as a shield that protects web applications from a variety of attacks, including:

  1. SQL injection: An attack technique where attackers inject malicious SQL queries to access or manipulate the database.
  2. Cross-site scripting (XSS): An attack method where attackers inject scripts into websites to compromise users, such as by stealing session cookies or performing malicious actions on the user's behalf.
  3. Cross-site request forgery (CSRF): An attack in which an attacker makes a fraudulent request on behalf of an authenticated user to perform unwanted actions.
  4. Brute force attacks: Repeated attempts to log into a system using stolen or guessed credentials.
  5. Distributed Denial of Service (DDoS): Attacks in which a large number of requests are sent to a web application in order to overload it and make it inaccessible.

A WAF analyzes HTTP and HTTPS traffic and applies specific rules and filters to identify and block suspicious activity. It can be implemented both at server level and as a cloud-based solution and is an important part of a comprehensive security strategy for web applications.

Browser Exploit Against SSL TLS - BEAST

BEAST (Browser Exploit Against SSL/TLS) was a security vulnerability discovered in September 2011. This vulnerability primarily affected the TLS (Transport Layer Security) protocol, specifically the Cipher Block Chaining (CBC) encryption mode in conjunction with the SSLv3 and TLS 1.0 protocols.

BEAST allowed an attacker to eavesdrop on and decrypt encrypted traffic between a web browser and a server. This was achieved by exploiting a weakness in the way CBC encryption was implemented in SSL/TLS.

To protect against BEAST attacks, it was recommended to upgrade to newer versions of TLS and to use alternative encryption methods that were not vulnerable to this weakness. Many web servers and browsers also implemented patches to mitigate the impact of BEAST.

 


Padding Oracle On Downgraded Legacy Encryption - POODLE

POODLE (Padding Oracle On Downgraded Legacy Encryption) was a security vulnerability in the SSLv3 (Secure Sockets Layer version 3) encryption protocol, discovered in October 2014. This vulnerability allowed an attacker to eavesdrop on and manipulate encrypted traffic between a web browser and a server. The attack exploited a weakness in the way SSLv3 processed blocks of encrypted data with padding. By exploiting this vulnerability, an attacker could, under certain circumstances, steal sensitive information such as cookies.

Due to the severity of the vulnerability, security experts recommended disabling the use of SSLv3 and upgrading to newer and more secure encryption protocols such as TLS (Transport Layer Security). Many web servers and browsers removed or disabled SSLv3 support to protect against POODLE attacks.

 


JSON Web Token - JWT

A JSON Web Token (JWT) is a compact, secure, and self-describing format for exchanging information between parties. It consists of a JSON structure that has three parts: the header, the payload, and the signature.

  1. Header: The header contains metadata about the type of the token and the signature algorithm used.

  2. Payload: The payload contains the actual claims or information carried by the token. These claims can include user data, roles, permissions, etc.

  3. Signature: The signature is used to ensure that the token has not been tampered with. It is created by signing the header and payload with a secret key (known only to the issuer of the token).

JWTs are commonly used for authentication and authorization in web applications. For example, after login a server can issue a JWT that the client stores and sends back with each request in an HTTP header or an HTTP cookie, so the server can authenticate the user and grant access to specific resources.
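The three parts and the signature check, as an added Node.js example (not code from the original page). It assumes the HS256 algorithm (HMAC-SHA256 with a shared secret); the claim names and secret in any call are constructed values.

```javascript
const crypto = require("node:crypto");

// Header and payload are JSON, Base64URL-encoded: readable by anyone, not encrypted.
const b64url = (obj) => Buffer.from(JSON.stringify(obj)).toString("base64url");

function hmac(signingInput, secret) {
  return crypto.createHmac("sha256", secret).update(signingInput).digest();
}

// Build header.payload.signature; the signature covers the first two parts.
function signJwt(payload, secret) {
  const signingInput = `${b64url({ alg: "HS256", typ: "JWT" })}.${b64url(payload)}`;
  return `${signingInput}.${hmac(signingInput, secret).toString("base64url")}`;
}

// Returns the payload if the token is authentic and unexpired, otherwise throws.
function verifyJwt(token, secret, nowSeconds = Math.floor(Date.now() / 1000)) {
  const parts = token.split(".");
  if (parts.length !== 3) throw new Error("malformed token");
  const [headerB64, payloadB64, sigB64] = parts;

  const header = JSON.parse(Buffer.from(headerB64, "base64url").toString("utf8"));
  // Pin the algorithm on the verifier side: the token must not get to
  // choose it (for example by claiming "none").
  if (header.alg !== "HS256") throw new Error("unexpected alg");

  // Recompute the signature and compare in constant time.
  const expected = hmac(`${headerB64}.${payloadB64}`, secret);
  const given = Buffer.from(sigB64, "base64url");
  if (given.length !== expected.length || !crypto.timingSafeEqual(given, expected)) {
    throw new Error("bad signature");
  }

  // Only after the signature holds are the claims trusted.
  const payload = JSON.parse(Buffer.from(payloadB64, "base64url").toString("utf8"));
  if (typeof payload.exp === "number" && payload.exp <= nowSeconds) {
    throw new Error("expired");
  }
  return payload;
}
```

Changing any claim, such as a role, invalidates the signature unless the secret is known, which is why the verifier checks the signature before reading the payload.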