Security Headers Reviews

Okta Reviews

Security Headers mentions (57)

• Why is text of sumissions in low-contrast grey on HN?

  There are so many accessibility issues on Hacker News! Ways to avoid the same mistakes? Easy... 1 - Make sure everyone involved from designers to developers to content creators to testers to... Whatever your village has in it... Has knowledge of WCAG. (New standards out a few weeks ago!) WCAG is the de facto law of the land now, and businesses are liable from damages if they don't make efforts to ensure all users... - Source: Hacker News / 9 months ago

• Show HN: Year old launches SaaS platform today. Seeks feedback

  Few minor accessibility issues. https://wave.webaim.org/report#/https://propbox.co/ Bunch of front-end security issues. Some of these are trivial, but also... Why not just knock them out? https://securityheaders.com/?q=https%3A%2F%2Fpropbox.co%2F&followRedirects=on The Privacy page is a nightmare, as others have pointed out. Why do this? Won't work with screen readers, won't let users copy text... it's bad.... - Source: Hacker News / about 1 year ago

• Hacker News evading criticism by selectively adding noreferrer to certain links

  FWIW HN sets the Referrer-Policy header [1] to origin [2] but I have no idea how many browsers honor that. [1] - https://scotthelme.co.uk/a-new-security-header-referrer-policy/ [2] - https://securityheaders.com/?q=https%3A%2F%2Fnews.ycombinator.com%2F&hide=on&followRedirects=on. - Source: Hacker News / about 1 year ago

• Security headers - what they are and how to use them 🔒

  I was recently tasked with improving the security rating on one of our websites. This involved a couple of things but the thing I want to focus on in this post is security headers. We scanned the site here and were initially given a rating of 'E'. Not good. So one of the recommendations was to add security headers which are headers contained in the HTTP response and can provide various different security benefits,... - Source: dev.to / about 1 year ago

• Google No Longer Automatically Indexes Websites – WTF?

  Google has to know about the site before it can index it. Set up the sitemap, then link the sitemap in from Google's Search Console Tools, and install Google Analytics. This will help Google pick up that your site exists. Make sure your robots.txt file is configured to allow crawlers. Make sure your pages aren't inadvertently NOINDEX'd. SEO isn't as relevant as it used to be, but all this stuff should be part of... - Source: Hacker News / about 1 year ago

Okta mentions (6)

• How to use PassportJS for authentication in NodeJS

  The majority of the codebases I've worked on over the years have always favoured using JSON web-tokens (JWT) or Authentication-as-a-Service platforms (Auth0, Okta etc) for authentication logic. These are indeed excellent choices! however, on smaller projects I find these to always seem to be overkill. Recently I started working on a chrome extension that performs social sign-in using twitter OAuth API and... - Source: dev.to / over 1 year ago

• Millennials, what confuses you about Gen Z?

  This happened to me three days ago! A new employee had trouble logging into our intranet, which is at OurCompanyName.okta.com. He was going to okta.com. Source: over 1 year ago

• Access Control System (ACS) Architecture

  Maybe go to okta.com , they have some cool solutions, might give you some ideas. Source: over 2 years ago

• GameStop knows. DRS 💜

  Okta.com is being used by gamestop to power the login to the creator platform. their favicon is a dark blue circle. Source: over 2 years ago

• Login with email is now shown as an option?

  The email field is used for domains which have set up Okta, Onelogin, or other specialized identity providers. The login page has to redirect you not just to a single okta.com/onelogin.com/etc authenticator as it does with Google/Microsoft/GitHub, but to the specific OAuth endpoint set up for the specific domain. So it needs to know what domain you're trying to authenticate against so it can redirect you to the... Source: over 2 years ago