ES6 introduced a new way to express functions in our code: the arrow function. It is a more compact way of expressing a function, with a few differences from a regular function. Before ES6, we could do something like this to make a function: In ES6 we can do the same thing with the following syntax: It…
When writing a React application, we need components to present the application's elements. However, creating a complete component class is often overkill for a simple representation, for example a simple button. We can use a Stateless Functional Component to simplify how we create a dumb/stateless component. A stateless component can only render props, this should…
When we get into React, we might see some event handling with
this.handleClick = this.handleClick.bind(this); In fact, that was an example from React’s documentation. This ‘binding’ is called Constructor Bind. We can handle an event another way, by using class properties.
There are multitudes of WordPress themes in the wild. Sometimes we see something we like. Most of them come with customization settings that can change how WordPress presents things. Sometimes what we want can’t be customized easily through the settings. A child theme can be a way for us to customize the theme to our needs.
XXE attacks exploit XML processors by having them process malicious XML files. Attackers can exploit this if a web-based application allows its users to upload XML files.
WordPress inherently disables custom XML loading. This prevents External Entity and Entity Expansion attacks.
Confidential data can be intercepted in transit (between the user and the application server). This can be a great risk when personal or financial data is involved. WordPress internals have several mechanisms which mitigate this risk: usage of the Portable PHP Password Hashing Framework on users' passwords; an integrated permission system which controls private data access.…