| Security Measure | Description | |
|---|---|---|
| ☐ | Use HTTPS everywhere | Prevents basic eavesdropping and man-in-the-middle attacks |
| ☐ | Input validation and sanitization | Prevents XSS attacks by validating all user inputs |
| ☐ | Don't store sensitive data in the browser | No secrets in localStorage or client-side code |
| ☐ | CSRF protection | Implement anti-CSRF tokens for forms and state-changing requests |
| ☐ | Never expose API keys in frontend | API credentials should always remain server-side |
donbrae
/ similarText.js
Last active
February 17, 2025 01:52
JavaScript function which mimics PHP’s `similar_text()`.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // Source: ChatGPT 4 | |
| function similarText(first, second) { | |
| // Check for null, undefined, or empty string inputs | |
| if (first === null || second === null || typeof first === 'undefined' || typeof second === 'undefined' || first.trim().length === 0 || second.trim().length === 0) { | |
| return { matchingCharacters: 0, similarityPercentage: 0 }; | |
| } | |
| // Type coercion to ensure inputs are treated as strings | |
| first += ''; | |
| second += ''; |
mattppal
/ security-checklist.md
Last active
May 5, 2025 19:19
A simple security checklist for your vibe coded apps