Posts tagged “Security”
5 articles · 9 per page
API
Accessibility
Animation
Architecture
Backend
Blog
Browser
CSS
Compiler
DX
Data fetching
Design Systems
DevOps
Docker
Frontend
GitHub
JavaScript
Markdown
Media
Monorepo
Next.js
Node.js
ORM
Observability
Performance
Pipeline
Playwright
PostgreSQL
Prisma
React
Real-time
Redis
Security
Serverless
State management
Stripe
Tailwind CSS
Testing
Tooling
Turborepo
TypeScript
Vitest
Web
i18n
•1 min read
JWT access tokens and refresh rotation in SPAs
HttpOnly cookies vs memory, refresh token reuse detection, sliding sessions, and why BFFs still help browser security.
Security
React
API
•2 min read
Next.js middleware: edge patterns and pitfalls
Matcher config, auth redirects, geolocation headers, A/B flags, and what you cannot do in middleware without hurting TTFB.
Next.js
Security
Performance
•1 min read
Content-Security-Policy nonces in Next.js
Why nonces beat unsafe-inline, generating per-request nonces in middleware, passing to Script components, and strict-dynamic tradeoffs.
Next.js
Security
•1 min read
Rate limiting serverless APIs with Upstash Redis
Token bucket vs sliding window, keys by IP or user id, @upstash/ratelimit in Vercel Edge, and false positives behind NAT.
Redis
Serverless
Security
•3 min read
Security headers in Next.js (App Router)
Defense in depth with X-Frame-Options, HSTS, Referrer-Policy, Permissions-Policy, and a pragmatic Content-Security-Policy rollout using Report-Only, nonces, and middleware.
Next.js
Security