this is a short story about a little trick that can help us to separate constraints, optimize performance and have a cool way to insert styles to our pages.
Anyone who made a website knows that there are many ways of include CSS lets talk about the main ones
This kind of insertions of CSS is very popular because of the new trends of js frameworks that use “CSS in js” this can be archived inside of the style attribute, this is great if you have preprocessors to optimize the CSS used or something that can help us to…
Hi welcome to another mini-post, this is about CSP let's start defining CSP content security policy this is a security layer based on mitigation of XSS attacks and data injection.
To activate CSP you must make a setup in your server configuration to add this header
in some older versions, this header was:
or alternatively, you can set a meta tag defining it as this but not recommended:
<meta http-equiv="Content-Security-Policy" content="">
But more important what can we delimit with a CSP?
We can set policies based on this directives:
when we talk about client-side applications, advantages of microservices and micro-frontend, integrations from the client-side, and make our apps more independent we are talking about these common issues lets describe them briefly.
CORS(cross-origin resource sharing) for security communicational reasons browsers restrict cross-domain requests, but what is a cross-domain request? imagine a web served from an URL
That ask resources via XMLHttpRequest from another like this can be made via GET, POST, PUT, or PATCH methods.
This is a cross-domain request because those are separated domains this could be owned by different developers/organizations and because of that, the browser…
passionated web developer everything that you do with passion will make you a better person