Subresource Integrity

There's a good chance you're using a CDN, or at least depending on some third party to provide scripts (perhaps for analytics). How do you know the browser has fetched the correct resource? How can you prevent the script from loading if it changes? That's where Subresource Integrity comes in.

Read more »

HTTP Strict Transport Security

Do you want to ensure that your users only access you site securely, even if they're using old links that explicitly tell them to use HTTP? That's exactly what HSTS is designed to address.

Read More

Web Security Series

A series of articles on web security techniques, IETF specifications and W3C recommendations. Each article focuses on one topic explaining what it is, how it works, and why you should care

Read More

Updates to dropwizard-cassandra

Two new releases are available with support for Dropwizard 1.0, Java 8, and the latest Cassandra driver

Read More