Posts

Showing posts from January, 2021

Collaborative flashcard learning (join my React study group!!)

Pardon the digression. Flashcards and spaced repetition are great ways to learn, and I created a React study group on idorecall.com, the site I use to make my learning flashcards. Geeky? Yes, but it's useful and if we work together we'll get results faster. Software is a tool, not an end in itself. http://idr.link/si6nyakk/i_TOM

JavaScript snippet: exponent notation and Number.toString()

Hello fellow programmers! I'm trying something new today! I made a YouTube video about exponent notation and Number.toString(). These are useful to de-clutter your code and to quickly change the base of a number. I hope you enjoy it, and tell me what you think about it.

Links

https://developer.mozilla.org/en-US/docs/Web/JavaScript/Guide/Numbers_and_dates#exponentiation
https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/Number/toString

A short guide to cross-site request forgery attacks

Photo from Negativespace.

This is a follow-on post to my post on clickjacking attacks. I found this article from Auth0 (https://auth0.com/blog/cross-site-request-forgery-csrf/) while reading the one on clickjacking. As before, it's worth reading. Here's a summary.

What CSRF attacks are

CSRF, aka "c-surf", is an acronym for Cross-Site Request Forgery. In this attack, a malicious site uses another site's active session cookie to do something in the place of the user. E.g. if you're logged in to your bank and go to a site in another browser tab, the other site could use the bank site's active session cookie to transfer money.

How to prevent them

User

Log out of websites, especially sensitive ones.

Back end

The article and OWASP do a good job of explaining the details, so I'll link to them here and give an overview.

https://auth0.com/blog/cross-site-request-forgery-csrf/
https://cheatsheetseries.owasp.org/cheatsheets/Cross-Site_Request_Forgery_...