A place for developers to talk about building on Farcaster.

/dev

What's your perspective on issues caused by improper server configuration? Do you think problems requiring interaction with social engineering, such as missing SPF records, incorrectly configured CORS, reflective XSS, etc., are serious? are you willing to spend time fixing these?

Security Researcher, author of coded virus in 'Independence Day' /shellcode 

When I was 13 I created a website for my school. Next day it got hacked by my classmate. That day I learned how important it is to spend as much time as needed to protect your work.

Senior Dev: dalresin.xyz
Creator: /dbee 🐝, /farkitchen + /farhelp, /crazy-penguins 🐧, chrome plugin - dalresin.xyz/chrome
EX: /farswag

WOW, I didn't even know what  cmd was at 13, and your classmate, and your classmates are also very talented.

To be fair, it was written in PHP without any framework 😂

Oh, okay, but it's pretty impressive to be able to write PHP at 13. If you use a framework and it has vulnerabilities, it can also be easily attacked (PHP and JAVA have fed half the hackers on the planet, haha). 😁

Since PHP 8.0, both language features and frameworks have greatly improved in terms of security, causing some security researchers to switch to JAVA security research (like me). For frameworks like Laravel, we can only wait for a 0day to appear.

Yeah, that's true, lol. But nowadays, most frameworks are really well-tested. I put my trust in Laravel, to be honest.