The adventures of Matt Lawrence and Mike Karan through the world of web development, web design, and small business management. As web development agency owners for the better part of a decade, they’ve worked with all sorts of technologies, through the rise of responsive web design, the revolution of serverless computing, and the popularity gain of many no-code tools for small business owners. They commonly discuss foundational web development technologies like HTML, CSS, and JavaScript - including popular frameworks and tools such as Tailwind CSS, Svelte, WordPress, Vue, and more.
Episodes
Tuesday Jul 15, 2025
Tuesday Jul 15, 2025
In this episode, Matt and Mike dive deep into web app security by walking through a simple SaaS note-taking app and breaking down vulnerabilities at each layer—from frontend and backend to auth and hosting. With 16 billion credentials recently leaked and AI increasing attack complexity, even indie devs need to lock things down. They cover common security pitfalls like XSS, CSRF, IDOR, insecure cookies, and more—along with practical mitigations using tools like tRPC, Prisma, and Next.js. Whether you’re building solo or part of a team, this episode will help you build safer apps from the ground up.
Show Notes: https://www.htmlallthethings.com/podcasts/we-should-care-more-about-web-app-security
Powered by CodeRabbit - AI Code Reviews: https://coderabbit.link/htmlallthethings
Use our Scrimba affiliate link (https://scrimba.com/?via=htmlallthethings) for a 20% discount!! Full details in show notes.
No comments yet. Be the first to say something!