A few days ago I wanted to integrate Gravatar in one of the applications I’ve been working on, and realized Gravatar still uses MD5 for hashing the user’s email. I was wondering whether I would need an external module to generate the hash, but quickly realized the native crypto can do the trick:
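One way to do this, added here as an example and not the author's original code. It assumes Node.js and its built-in `crypto` module; the helper names `gravatarHash` and `gravatarUrl` and the sample address are made up for illustration.

```javascript
// Added example: assumes Node.js; no external module is needed.
const crypto = require('node:crypto');

// Gravatar looks an avatar up by the MD5 hex digest of the e-mail address
// after surrounding whitespace is trimmed and the address is lower-cased.
// MD5 is only a lookup key here, not a security control.
function gravatarHash(email) {
  if (typeof email !== 'string' || email.trim() === '') {
    throw new TypeError('email must be a non-empty string');
  }
  const normalized = email.trim().toLowerCase();
  return crypto.createHash('md5').update(normalized, 'utf8').digest('hex');
}

// Build the avatar URL. `size` maps to Gravatar's `s` parameter (pixels) and
// `fallback` to `d` (default image when the address has no avatar).
function gravatarUrl(email, { size = 80, fallback = 'identicon' } = {}) {
  if (!Number.isInteger(size) || size < 1 || size > 2048) {
    throw new RangeError('size must be an integer between 1 and 2048');
  }
  const url = new URL(`https://www.gravatar.com/avatar/${gravatarHash(email)}`);
  url.searchParams.set('s', String(size));
  // searchParams percent-encodes the value, so a fallback image URL is safe here.
  url.searchParams.set('d', fallback);
  return url.toString();
}

// Constructed sample address, not a real user.
console.log(gravatarUrl('  Constructed.User@Example.COM ', { size: 200 }));
```

The digest ends up in a public image URL, and an unsalted MD5 of an e-mail address can be matched against a list of guessed addresses, so treat it as an identifier rather than as a way of hiding the address.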