[Implement in 10 minutes!] Create a Static Website with Hugo and Firebase

What We’re Building This time, we’re creating a static website. For a site like this blog that doesn’t expect dynamic updates from multiple users, implementing with static pages allows you to develop a site that loads quickly. Here, we’ll quickly implement it using Firebase and Hugo. What is Hugo? What exactly is HUGO? According to HUGO’s official site, Hugo is one of the most popular open-source static site generators. ...

2019/11/10 · joj0hq

Session Management Vulnerabilities

URL-embedded Session ID Overview Sessions can be embedded in URIs. PHP, Java, ASP.NET and others support this. http://example.jp/mail/123?SESSIONID=XXXXXXX Issues: Session IDs leak externally via the Referer header (What is the Referer header) The Referer header allows servers to identify where people are visiting from, and can be used for analysis, logging, and cache optimization. Countermeasures: Prohibit URL-embedded sessions themselves Attack Methods and Impact Attack flow: Start page (transitions to another page) ...

2019/07/16 · joj0hq

[AWS Introduction] Automate VPC+EC2 Construction with Terraform

Simple Infrastructure Design We’ll Create This Time When constructing infrastructure on AWS, clicking through the console from the browser every time often resulted in missing or incorrect settings in security groups and route tables, which was troublesome. Therefore, this time we’ll use a tool called Terraform that builds the infrastructure environment just by writing and executing code, automating the construction. First, let’s look at the completed diagram. Like this, we’ll create the simplest design possible with just EC2 on VPC. ...

2019/07/15 · joj0hq

[Beginner Must-Read] HTTP Basics - Technology Supporting the Web Explained in 5 Minutes

HTTP Basics What is HTTP? You probably only have the impression of it being at the beginning of URLs like http://…..com, right? If we search for HTTP on Wikipedia: Hypertext Transfer Protocol (HTTP) is a communication protocol used for sending and receiving content such as HTML. It is mainly used for transfer between web browsers and web servers on the World Wide Web. In Japanese standard specifications, it is also called hypertext transfer protocol. ...

2019/07/15 · joj0hq