๐ Enhancing Hive Postify Security: Preventing Malicious XSS and Invalid Input Attacks @aftabirshad
hive-139531ยท@aftabirshadยท
0.000 HBD๐ Enhancing Hive Postify Security: Preventing Malicious XSS and Invalid Input Attacks @aftabirshad
# <center>Introduction</center> Hello friends, how are you? I hope you are all well and living your lives peacefully and busy learning new things. I want to take some time for you in this post of mine. And I hope and pray that you are all happy and that's how I start this post. I was busy with the work of building my website, which is why I couldn't post and I was late for a few days. But you can't call it a late post because I was supposed to post it only after I implemented security on the website, and it really took me time. I hope you like my website and I will do my best to improve it.  --- And if you want to know about the website I'm building called **Hive Postify**, you can check out the post below. [Developing Hive Postify โ A Custom Interface for the Hive Ecosystem and Developed Almost (50%) Powered by Hive Blockchain](https://hive.blog/hive-139531/@aftabirshad/developing-hive-postify-a-custom-interface-for-the-hive-ecosystem-and-developed-almost-50-powered-by-hive-blockchain) And in this post of mine, information about this website has been given and you will also find the source code in this post. --- ## Notice I think it is better to tell you and I think it is a right thing to tell you first that this website is still being built. This website is not yet complete. It is about 50 percent complete or something more. But in recent days, I have made changes to the security of this website. In my previous post, many of my friends had said that there was a slight problem with security, so I have made many changes to security and have made the website very secure. But this website is still under observation. If any brother finds any mistake or wants to give any suggestion, he can give it in the comment box. There is no restriction on anyone. --- ## Thanks For previous Post suggesion @louis88 In my previous post, my brother had given me a suggestion about security and I followed his advice and made many changes in security. Of course, this credit goes to my brother. I am sure I do not make any changes in security, but I was thinking about it after creating the website, but when this brother's comment came, I thought that it should be done now so that the community does not think that their words are not being listened to. If you have any suggestions, you can definitely give them. Your suggestions will definitely be worked on. --- ## <center>We Make This Website</center> --- https://youtu.be/rD_PI3G84Ko?t=37 --- --- # <center>Hive Postify Security Updates</center> I have made many security changes to my website in the past four or five days, which has made the website very secure so that no attack can be performed and no user data can be leaked, so that people and all users can use it securely. ## Cleary Notify I would like to inform you that no data of any user is being stored on my website, not even any location or IP address of anyone is being detected. You can use it freely. ---- * ### DOM Purify I have used the DOM Purify JavaScript library to secure my website. Surely the developers know this, and for those who don't know, I want to tell you that this library does not allow XSS attacks to be performed, so the website is secure. * ### Security Initialization Before the page loads, it will check whether all the security files and data are working or not.If a security module is missing, it will give an error and will not output data. * ### Content Security Content Security will do this: If we open any post, its title and content will be completely sanitized. No unauthorized data can be input.And it also uses the Dom purify library. * ### Other In addition, many more security features have been added, which ensures that the website data is encrypted and poses no risk to the user. --- ## How I added these security features First of all, I created a file of my data so that I could know which files I have. In these files, I checked which files required this security feature and started installing it on them. But I am a developer and I know that one file can also be created for them to set all the security features. But if we need to make any changes later, it is a little difficult. Therefore, I make it a must in my work that separate files are created for each file or each page so that it is easy to make changes. --- **Create ``comment-security.js``** .png) **Create ``community-security.js``** .png) .png) ---- **Create ``post-security.js``** .png) **Create ``replybox-security.js``** .png) .png) This was the file that I thought was right to create security for. Apart from that, there are also many changes made to the security in the script file. And almost every script file has been changed for security reasons and many security features have been added. If you read my previous post, the link to which I have given above, you will understand that a separate script scriptjs has been created for each page. --- ## Added New security plan Apart from this, I will create another security file that will provide another layer on top of all the files of this website, which will make the website more secure, and that layer will also protect these security files so that they are also secure by themselves. I will create the file in that website only when I have fully developed this website because it is not a good step to create it now because it is easier for me to create it after the website is completed so that all the pages can be secured. ``security.js`` --- ## Hive.blog CDN API Already Secured If we talk about the security of my website, I have used Hive.com Cydia, which is very secure in itself, but what I am worried about in this website is the theft of people's data, such as their passwords, and I have made it very secure. I cannot upload files to my GitUp source code until I complete this website and test it. After performing all the tests on my part, performing all the attacks, correcting them, and filling in the gaps in the website, I will make the website public for all of you so that you can all perform your attacks and give me your results. --- ## My Next Plan I have enhanced the security of my website these days as much as I have created the website, but I want to complete this website in the future and I am also giving it time and I hope that I will have fully developed this website soon. --- # <center>[Github Repository Source Code](https://github.com/aftabirshad/Hive-Postify)</center> # Website Live Link --- [Home page](https://aftabirshad.github.io/Hive-Postify/index.html) [Communities Page](https://aftabirshad.github.io/Hive-Postify/communities.html) [Friends Page](https://aftabirshad.github.io/Hive-Postify/friends.html) ## Request For Support I request all users of Hi to support my website so that I can continue working on it.And I hope that I will definitely get the fruits of my labor. I need Support For many of things. ## <center>Thanks For My Previous Post Support</center> All 646 Users --- I need your support as well as your suggestions so that I can improve this website. Please give me your suggestions. --- **Thanks For Support and Suggesion @cryptoreforma** Thank you very much for your suggestion and thank you very much for your support. You had suggested to me that the website should also have a night mode. Insha Allah, when I complete the website, I will definitely implement this feature. I cannot implement it now because then I would have to implement it on other pages. Therefore, I will implement it in the end so that it remains consistent on all pages and your suggestionwill definitely work. # <center> Thanks For Reading</center>
๐ cryptoreforma, acidyo, holbein81, diosarich, dejan.vuckovic, xves, ghaazi, rendrianarma, tillmea, aslamrer, devpress, ninnu, meltysquid, ronasoliva1104, arcange, achimmertens, laruche, calebmarvel24, walterjay, felt.buzz, aidefr, robotics101, egistar, imcore, lartist-zen, photographercr, davidlionfish, enira, lolz.byte, unschool, unschooler, ccceo.voter, powerpaul, cryptocompany, ccceo.team, ccceo.app, ccceo.rewards, ccceo.invest, brobang, ccceo.voter2, flamo, photomoto, yourfairy, stmctrail, solymi, belhaven14, flexnet, mugglow, hive-196769, aborowczak1972, meins0815, snvault, crimo, magic.byte,