all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Web Security 101 - Part 1: Secrets

Add to bookmarks
Nov. 29, 2022, 11:10 p.m. | Abbey Perini

DEV Community dev.to

Starting my web security series by sharing my secrets - just kidding! Let's talk about keeping our secrets safe.



  1. Environment Variables

  2. Secret Servers

  3. Tokens

  4. Cookies

  5. Man-in-the-Middle

  6. Web Storage API

  7. IndexedDB API

  8. Session Hijacking





Environment Variables


Environment variables are like global server variables. They're often used for secrets and sensitive information. There are ways to expose them to front-end code in the browser, but then they're not secrets anymore. Anyone can find them.


There are packages like dotenv that allow you …

beginners programming secrets security security 101 web webdev web security

Visit resource

More from dev.to / DEV Community

My last project for 100 React projects in 100 days 3 hours ago | dev.to
app beginners dev free +18
Serverless Security Vulnerabilities and Best Practices to Mitigate Them 4 hours ago | dev.to
application application development best practices challenges +20
Build Link Shortener with Supabase and Nuxt 5 hours ago | dev.to
addition api blog blog post +14
What is ITDR - Identity Threat Detection and Response 7 hours ago | dev.to
and response assets breaches challenges +25
What is CSMA (Cybersecurity Mesh Architecture)? 7 hours ago | dev.to
access architecture architectures carrier +16
HackTheBox - Writeup Keeper [Retired] 10 hours ago | dev.to
credentials ctf cve cve-2023-32784 +19
Step-by-Step Guide to Setting Up Let's Encrypt SSL on Nginx for Ubuntu 11 hours ago | dev.to
app encrypt free guide +9
Getting Started with DataDog's APM: A Developer's Guide 12 hours ago | dev.to
apm app app development application +20
Introduction to SSO with the IAM Identity Center and Entra ID 13 hours ago | dev.to
access access management accounts aws +17

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Security Engineer II, Offensive Security Penetration Testing

@ Amazon.com | US, TX, Virtual Location - Texas
View on infosec-jobs.com

Cybersecurity Specialist (Security Engineering)

@ Triton AI Pte Ltd | Singapore, Singapore, Singapore
View on infosec-jobs.com

Information Systems Security Officer (ISSO)

@ ARA | Arlington, Virginia, United States
View on infosec-jobs.com

Lead - IT Risk compliance & Info Security

@ First Advantage | Bengaluru-560042, Karnataka
View on infosec-jobs.com

Embedded VSOC Analyst

@ Sibylline Ltd | Australia, Australia
View on infosec-jobs.com
View more jobs