In my last post, I showed how you can deploy a Single Page Application to AWS using AWS’ S3, CloudFront and Route 53. This post picks up where the last one left off, so if you haven’t read it, go check it out! This time, we’ll be improving our DevOps by building a basic CI/CD pipeline. Since we’re already using AWS to host our site, it makes sense to keep using their services since they do integrate well together (That’s how they get you!...
Recently, I made a simple personal website — a hub for my online presences and a place to share my personal projects. I developed the site using the Angular CLI, and when it came time to host the site, I chose AWS since my domain was already set up in Route 53. Overall, the process of building the application and hosting it on AWS was a fairly simple one (you could probably set the whole thing up in about an hour), but there were a couple of gotchyas that prompted me to write down the process....
Cross-Site Scripting is still one of the most prevalent web application vulnerabilities, and has featured in each revision of the OWASP Top 10 since the list was first published in 2010. Peaking at #2 in 2010, XSS was knocked off the podium for the first time in 2017, coming in at #7 on the list. This demotion may be due to the rise in popularity in Single Page Application (SPA) front-end frameworks such as React, Angular and Vue, which often include built-in sanitation to prevent these attacks....