Deprecated: Parsedown::blockSetextHeader(): Implicitly marking parameter $Block as nullable is deprecated, the explicit nullable type must be used instead in /html/falk-m.de/blog/web/vendor/erusev/parsedown/Parsedown.php on line 715

Deprecated: Parsedown::blockTable(): Implicitly marking parameter $Block as nullable is deprecated, the explicit nullable type must be used instead in /html/falk-m.de/blog/web/vendor/erusev/parsedown/Parsedown.php on line 853

Deprecated: League\Plates\Template\Func::call(): Implicitly marking parameter $template as nullable is deprecated, the explicit nullable type must be used instead in /html/falk-m.de/blog/web/vendor/league/plates/src/Template/Func.php on line 96

Deprecated: League\Plates\Template\Template::data(): Implicitly marking parameter $data as nullable is deprecated, the explicit nullable type must be used instead in /html/falk-m.de/blog/web/vendor/league/plates/src/Template/Template.php on line 115
BLOG | falk-m.de

Blog | falk-m.de

Like other developers, I read articles, test new features, analyze code from others and so on. Also, I have some interesting code snippets used in projects, if I need them, I always search in old projects. This blog is my central place now, to collect interesting code snippets, features, etc. | RSS Feed

SECURITY ✕

svg xss attack

from falk-m.de · 2024-02-17 SECURITY
In my last post about htaccess configuration, I found these lines of code in another project: <IfModule mod_headers.c> <FilesMatch "\.(?i:svg)$"> Header set Content-Security...
read more

htaccess best practices

from falk-m.de · 2024-02-16 PHPSECURITY
SEO and performance set expiration header <IfModule mod_expires.c> ExpiresActive On ExpiresDefault "access plus 1 week" ExpiresByType text/html "access plus 600 seconds" Expir...
read more

session management with tokens

from falk-m.de · 2024-02-13 SECURITY
This Post is not about OAuth. The inspected use case is the session management for an API after the authentication (after login). It is not about the authentication process, code flow, and so on. I...
read more

Extract SMIME certificate from mail

from falk-m.de · 2024-01-29 security
In an earlier post, I describe how you can send an s/mime encrypted mail. If you want to send encrypted mail, you need the public certificate from the recipient's email address. One way to receive ...
read more

OWAS Top 10

from falk-m.de · 2024-01-23 security
The owasp is an organization, to increase the security in www. This presentation has been created for the Webmontag Meetup. Presentation Open pdf presentation
read more