pilcrow's personal website

The text discusses the struggles of managing NPM releases and the author's solution to streamline the process. The author maintains two branches - main and next, where main holds the source code of the latest published version, wh...
The text is a letter to various OAuth providers, pointing out issues with their token endpoints and requesting fixes. The author also requests support for HTTP basic auth for client authentication.

How I would do auth

2024-07-14

The post discusses the author's opinions on implementing authentication for a public-facing app, covering topics such as GitHub OAuth, password-based auth, session management, registration, email verification, login, 2FA, and pass...
The text discusses the use of middleware for authorization in routing logic. The author argues that middleware is not the right abstraction for handling authorization and suggests using wrapper functions instead.
Clerk disclosed a major security vulnerability with their Next.js integration, allowing malicious actors to act on behalf of other users. The vulnerability was related to the internals used by auth() and getAuth(). The vulnerabili...
The text discusses the issues with Math.random() and provides alternatives for generating random values in TypeScript. It explains the use of Node's crypto API and the Web Crypto API, and the methods to generate random integers an...
OAuth 2.0 is a widely accepted standard that allows third parties to access your data on GitHub and other services without requiring you to share your password. This guide covers the concepts behind the protocol, demonstrates how ...
The text discusses the pros and cons of using cookies and local storage for storing data in the client. It explains the vulnerabilities and security concerns associated with both options and provides recommendations for preventing...

Next.js, just why?

2023-09-09

The author expresses frustration with Next.js, particularly with the difficulty of setting cookies and headers, inconsistent APIs, and limitations with middleware. They criticize the rushed release, incomplete documentation, and t...
The text discusses the GDPR compliance of analytics services, focusing on the legal aspects of data collection and privacy protection. It explains the GDPR and ePrivacy Directive, the definition of personal data, legitimate intere...