When writing a React application we need components to present the application elements. However, creating a complete component class is often overkill for a simple representation, for example a simple button. We can use a Stateless Functional Component to simplify how we create a dumb/stateless component. A stateless component can only render props, this should…
When we get into React we might see some event handling with
this.handleClick = this.handleClick.bind(this);
In fact, that was an example from React’s documentation. This ‘binding’ is called Constructor Bind. We can handle an event another way, by using Class properties.
There are multitudes of WordPress themes in the wild. Sometimes we see something we like. Most of them come with customization settings that can change how WordPress presents things. Sometimes what we want can’t be customized easily through the settings. A child theme can be a way for us to customize the theme to our needs.
XXE attacks exploit XML processors by feeding them malicious XML files. Attackers can exploit this if a web-based application allows its users to upload XML files.
WordPress inherently disables custom XML loading. This prevents External Entity and Entity Expansion attacks.
Confidential data can be intercepted in the middle of transport (between user and application server). This can be a great risk when associated with personal or financial data. WordPress internals have several mechanisms which mitigate this risk: usage of the Portable PHP Password Hashing Framework on users’ passwords; an integrated permission system which controls private data access.…
Authentication allows users to access their data using their own credentials. In web applications this is one of the major risks. A web application with broken authentication can allow users to access data of other users which they are not supposed to have access to. Web application with broken authentication can be e through several ways, such as…