Heroku: Most Common Errors Explained

The allure of quickly spinning up an app on a platform as a service (PaaS), as opposed to cobbling together a solution on an infrastructure as a service (IaaS), makes Heroku an appealing option for many developers. With the explosive growth in the platform as a service market, new features and capabilities are continually rolling out. Along with the fast-paced evolution of Heroku comes an increase in complexity, which can create challenges for application developers. Even if you’re a seasoned developer with extensive experience with Heroku, there are some common errors you can run into. Learn all about them from Taurai Mutimutema on Solarwinds’ blog.

Git Squash: How to Condense Your Commit History

Maybe you needed to make a lot of commits because you forgot to remove comments in the code. Or you have a tight delivery of a very important feature, and you need to make sure everything is saved before signing out for the day. That’s okay. In the end, maybe you should have had fewer commits than you actually have, and you don’t know how to fix it. No problem! Git Squash is here to help you! And this post on CloudBees’ blog from Pedro Barbosa will explore exactly that: what Git Squash is, why you should use it, some ways to perform it and a deeper explanation of two of those ways.

Laravel Path Traversal Guide: Examples and Prevention

So you’ve deployed your Laravel-based website, and you want people to find and see it. However, keep in mind that there are files your website needs to run that you don’t want users to see, ever. Those could be PHP files containing configuration data, such as database credentials and API keys. They could be private keys for your web server’s SSL certificate. Or, if you have an interactive website with user-generated content, there may be files that some users have uploaded for personal or limited use. No other user should have access to these files or be able to read, overwrite, or delete them without permission. This article from Lukas Rosenstock on Stackhawk’s blog will examine path traversal attacks, a common problem through which websites leak internal files.

Laravel Open Redirect Security Guide

The internet is, by its nature, a connected place. It’s filled with resources linking to other resources in a glorious spiderweb of information, both delightful and terrifying. Enabling this functionality is the humble URL, which can point you in the right direction or just as easily lead you astray. In this blog post, you’ll learn about a security vulnerability called the open redirect vulnerability and how to protect yourself against it. Learn more from John Pereira on Stackhawk’s blog. 

React XSS Guide: Examples and Prevention

The web has grown vastly over the years in terms of technologies, frameworks, complexity, and utility. Today, more than a billion people browse through thousands of websites every day. As a result, the internet is always flooded with sensitive data like user credentials, credit card details, etc. Therefore, developers must be aware of common vulnerabilities that hackers can exploit to misuse their users’ data. One such vulnerability is cross-site scripting (XSS). In this post on Stackhawk’s blog from Siddhant Varma, you’ll understand what XSS is and how it impacts your users.

Vue XSS Guide: Examples and Prevention

The modern web is built on trust. This trust is a fundamental ingredient of the recipe that lets users carry out everything from browsing social media to banking on the internet. To maintain this trust, website owners go to great lengths to protect their servers from external attackers. But what if these attacks come from within your application? Injection attacks are a type of vulnerability that let attackers disguise malicious scripts and inject them into otherwise trusted websites. In this post on Stackhawk’s blog from John Pereira, you’ll learn about XSS attacks and how they can affect you. We’ll also dissect an XSS example in Vue and look at ways you can protect your application.

Rust XSS Guide: Examples and Prevention

Application security is a wide-reaching concern for software engineers today, since there’s room for attacks in almost every permutation of programming language and their resulting apps. The Rust language (Rust-Lang) is by no means exempt from security threats. This post from Taurai Mutimutema on Stackhawk’s blog serves as a guide to Rust XSS vulnerabilities.

Rails Path Traversal Guide: Examples and Prevention

Cyberattacks are happening pretty much constantly these days. Even if you follow general security best practices, there are many language- and framework-specific vulnerabilities that attackers can try to exploit. One of these vulnerabilities is the so-called path traversal vulnerability. In this post from Dawid Ziolkowski on Stackhawk’s blog, you’ll learn what the path traversal vulnerability is and how to prevent it in a Ruby on Rails application.

Rails Open Redirect Guide: Examples and Prevention

Modern web applications face a never-ending risk of attack. These days you can become a target even if your website is small and new. There are automated robots running twenty-four-seven all over the internet looking for any kind of vulnerability. Therefore, securing your web application is more important than ever. Some security best practices are universal, such as never exposing ports and endpoints to the internet that don’t need to be exposed. Others are language- and framework-specific. In this post from Dawid Ziolkowski on Stackhawk’s blog, you’ll learn how to protect your Rails application from the open redirect vulnerability.

React Native vs. Xamarin: The Definitive Guide

The big challenge with mobile development is managing all the operating systems (OSs) and devices out there. People have Android and iOS devices of different software types. That meant you needed to write the same code multiple times. But because this violates the don’t repeat yourself principle of coding, software developers set out to solve this problem. What they came up with is software that can translate code into the format needed for different mobile OSs without having to rewrite it. Two well-known ones are Xamarin and React. If you’re starting a project, which one of these should you use? Andrew Bryant can answer that question on Waldo’s blog.

The Flutter DropdownButton Tutorial for Beginners

When crafting a user experience for your mobile app, you often need the user to select one item from a list of options. This could be for a variety of reasons, such as collecting information on a form, customizing settings, or for navigation. In the case of a form, allowing users to select from a list of options when completing the form can make the user experience much smoother, while at the same time, ensuring the capture of only valid data. For instance, a country selection on an address form ensures that you always capture a valid country name. Flutter provides the DropdownButton widget to enable these types of user experiences. Learn all about it from Daliso Zuze on Waldo’s blog.

The bigger a database grows in relation to the access memory allocated to individual app nodes, the more focus is placed on how data is stored. In such cases, architectural changes to data stores can lead to impressive results. This brings us to the focus of this post—exploring how storing data on a column basis differs from the mainstream row storage approach. Find out more from Taurai Mutimutema on Scalyr’s blog.

We also updated a few posts this week.

Your Complete Guide to Test Automation Frameworks

Gone are the days when enterprises relied solely on manual testing. Even though manual testing is an integral part of the testing process, there’s no denying its disadvantages. It’s tedious, time-consuming, and calls for hefty investment in human resources. The debate about manual vs. automated testing has been going on for a long time. And many people are still ignorant about what automation means in testing. This post on Testim’s blog provides a complete guide to test automation frameworks.

If you’re interested in getting started with C# logging as quickly as humanly possible, you’ve come to the right place. Today, we’ll look at just how to do that. This post is a tutorial that will get you from zero to hero with regard to C# logging. By the end of the post, you’ll have learned, in practice, how to start logging in C#. Get started with this post on Scalyr’s blog.

The Apache error log is a log file (and the most important log file) of Apache’s runtime errors. The next thing people seem to wonder about a lot has to do with differentiating between the access log and the error log. Are these two different things? Or is it just kind of two names for the same thing? Find out the answers in this post on Scalyr’s blog.