Microsoft

Weaponizing cross site scripting: When one bug isn’t enough

Cross-Site Scripting (XSS) is often underestimated as a minor vulnerability. In reality, XSS can open the door to more severe attacks when combined with other vulnerabilities. This post is the second ...
The Hacker News

Why React Didn't Kill XSS: The New JavaScript Injection Playbook

React conquered XSS? Think again. That's the reality facing JavaScript developers in 2025, where attackers have quietly evolved their injection techniques to exploit everything from prototype ...
GitHub

jQuery to JavaScript converter

Please note that, the utility functions generated by jquery-to-js are not completely equivalent to jQuery methods in all scenarios. Please consider this as a starting point and validate before you ...
InfoWorld

Intro to Hyperscript: Rethinking JavaScript

Before we get into too much discussion, let’s look at a Hyperscript example that communicates the spirit of the thing: In English, it says: “When the div element is loaded, send an async request to ...
InfoWorld

Using JavaScript and forms

Of all the hats JavaScript can wear, its form-processing features are among the most sought and used. Learn how to use JavaScript for form processing, validation, and more. Forms are an essential part ...
GitHub

A tiny view + state management solution using innerHTML.

innerHTML is fast. It's not fast enough if you're a Fortune 500 company or even if your app has more than just a handful of views. But it might be just fast enough for you if you care about code size.