I learned more from this than 5 security videos, please do more like this !!!!!

sent this video to marc lou

Really did a great job with this video. It really provides all the necessary details needed for a web dev security. I remember going through hundreds of videos just to learn these points individually.

Yep, theae are the kinds of videos that kept me on your channel. 👍

I can sometimes be critical of your videos ( I watch them anyway ) but this one I can say is 100% spot on and amazingly presented.

Good job babe!!!!! Woot woot beginners crew check in here 🎉

I really like this man for making such content for us beginners. Really helps to understand important concepts at a high level. Please bring more content like this one 👍

golden content. Easy to do when using separate backend as nest.js

i love backend and i will focus on it next coming months, thanks for the video man

Good stuff!! Checking in from Sweden! 🇸🇪

very cool vid! would be nice to see another video from you about rate limiting and how to implement it & best practices

golden content, loved that❤ You clearly have talent to present packed informations with understandable manner . It would be supper cool to have each step detailed with simple example to follow. You should’ve your own course, Id buy that

crazy how i understood all of these stuff just by building one system.

Awesome high-level overview. Well thought out.

This is the kind of content that make me follow you.

Cody for President. Nice one cody more such videos please.

Love these types of videos!!! Please do more videos like THIS!!!!!!!!!!👍

If you have an app a good idea is to add SSL Pinning to it really helps a ton if user/hacker wants to reverse engineer your API (network calls) and inspect the payload etc etc it will add a extra layer of strength which is hard to bypass and you can ensure your API usage is being done by the app only

Oh please do Role-Based Authorization.

ty for starting the video without 10 minute roundabouts

🎵 Soft kitty, script kiddie, little ball of fur 🎵

Thank you! Incredible valueable knowledge.

Please do another one, which goes into more detail on specific implementations (but still framework agnostic), such as oauth2 and using jwts vs session cookies

This my go to: either find a platform/app which provide similar services as you and try to abuse it or just think if it were me how would I bypass this or abuse then you will know a million ways to bypass your security and its time to work.

Thank you for this :>>

next video: comprehensive dos and don'ts for avoiding DDoS attacks

Hey from Germany ❤ perhaps you could go more into detail about when to use the different API types: trpc, Server action, RSC? WOULD BE NICE 🎉

Great video needed this! Thanks

I love this❤, thanks a lot

you are legendary👑 keep up

Could you make a video on connecting different backends to different frontends? Like svelte / go or react / nodejs. Coming from nextjs where everything is just set up for you i'm struggling to find info on how to progress into more "real" full stack development. Been learning a ton from you thanks a lot!!!

Great video, thanks man.

keep cooking ser !

Web dev Cody cool topic Great explanation

Need more on auth stuff ❤

great video

Great vid.

Thx man :X Could you advise any Sec cert that can be attached to the web, verifies that that SAAS safe enough ? so business customers will have less concern before using some kind of automated pentest Most of the time all they know to say is "using 3rd party SAAS is forbidden" and keep doing stuff manually like dumps and at the same time, some of them do use crked desktop app or even the OS. LOL

easy to follow and useful video, thank you. Your keyboard sounds nice. can you tell me its name?

It was a great video. Can you make some actionable code video around it? Code teaches better ❤. Happy Coding

“Never trust the users input”. First law of software developers imo.

Great video!!

Great content

What keyboard are you using? Sounds cool)

thx bruh

where can one find these eraser workspaces or even the images are fine.

Could you make a dedicated video about RateLimiting using NextJS server actions or NextJS APIs

great explanation, i feel like i know how to implement all of these, i didn't know more about NextJS like an expert (but i trust my self to be able to implement all of these though because the word terms u said, it's kinda similar to word which is referenced in php framework i'm currently working on) About rate limiting, the cookie data saved on a file (it"s default btw) will it be a problem from a performance perspective? i see the most popular ones are memory based thing, redis or whatever it is...

great

Do you have some examples of bad security practices out in the wild? Asking for a friend

Sometimes we don't need authentication or authorization, we just want our domain to be able to hit our api endpoints.

I have been too lazy and haven't put post request rate limiting to my cloudflare tunnel. Does reactjs prevent script tags from executing? I think solidjs does "sanitize" automatically

Is it safe to store user ID in jwt? Or maybe in the httpOnly & secure cookie?

Can the rate limiting be set on the reverse proxy ???

Video game dev when?

Bro lucia v3 tutorial

No. We don't use NEXT anymore