This is what I learned in August 2018:
- Because I’m developing an Angular web application, some topics became relevant for me. For example Cross Site Request Forgery (CSRF), a very important security whole in web applications, is explained in this Youtube video.
- In researching Spring Security, I found this nice little link collection that explains why the configuration methods for HTTP requests in Spring Security are named “antMatchers”. Short version: the syntax is like the one used in Ant (yes, the build tool).
- I learned that some browsers send out a “preflighted request” before sending the actual request. Trying to debug a web application, this is quite important to know. :) Read more here.
- Found this nice article about how to determine file types in Java. Short version: Use Apache Tika.