r (@r@bsky.brid.gy)
Create Stunning UIs with Just a Prompt – Syncfusion Code Studio UI Builder
buff.ly/n06nd7G
#ai #ux #ref #javascript #dotnet #dotnetmaui #react #windowsdev #webdev
Create Stunning UIs with Just ...
Show Original Post
alvinashcraft (@alvinashcraft@hachyderm.io)
Create Stunning UIs with Just a Prompt – Syncfusion Code Studio UI Builder
#ai #ux #ref #javascript #dotnet #dotnetmaui #react #windowsdev #webdev
Show Original Post
qiita (@qiita@rss-mstdn.studiofreesia.com)
useEffectEventを理解する
https://qiita.com/tachu/items/a8a14ead9028d6932338?utm_campaign=popular_items&utm_medium=feed&utm_source=popular_items
#qiita #フロントエンド #React #useEffect #useEffectEvent
Show Original Post
hasamba (@hasamba@infosec.exchange)
🔍 Detection Method
===================
🎯 AI
Executive summary: The post documents building an offensive-security
AI agent using LangGraph's ReAct paradigm to automatically parse a
JavaScript asset, enumerate hidden API endpoints, and probe them for
misconfigurations and sensitive data exposure. The testbed is a
minimal Flask app that serves a vulnerable main.js and a set of
endpoints with differing access controls.
Technical details:
• The JavaScript asset contains an API_CONFIG object mapping logical
names to endpoints such as /api/v1/user-info, /api/v1/admin, and
/api/v1/profile.
• The script leaks a hardcoded admin key (ADMIN_KEY) used in an
X-Admin-Key header and uses fetch() to call endpoints.
• The /api/v1/user-info endpoint returns user records including SSN
and salary without authentication, representing an authorization
bypass/data exposure.
Analysis:
• Automating discovery via an LLM-driven agent that combines reasoning
and tool use (ReAct) is effective for parsing code, extracting
artifacts (endpoints, header requirements, secrets), and iteratively
testing endpoint behavior.
• The approach highlights common server-side weaknesses: hardcoded
secrets in client assets, endpoints lacking authentication, and
endpoints requiring custom headers that may be discoverable and
abused.
Detection:
• Monitor access patterns to main.js and other public assets for
unusual automated pulls.
• Implement rules to alert on responses containing PII fields like ssn
in API responses.
• Create IDS signatures to detect requests presenting X-Admin-Key
values or enumeration of /api/v1/* endpoints.
Mitigation:
• Remove hardcoded secrets from client-side code and rotate any exposed keys.
• Enforce authentication and authorization on endpoints returning
sensitive fields; apply least privilege and field-level redaction.
• Harden API surface with rate limits, anomaly detection, and require
proof-of-possession for high-privilege endpoints.
Limitations:
• The agent's effectiveness depends on prompt design, tool
capabilities for HTTP probing, and safe guardrails to avoid harmful
actions.
• Findings are illustrative of automation potential and do not
substitute for human-led penetration testing.
🔹 LangGraph #ReAct #Flask #APIsecurity #LLMsecurity
🔗 Source: https://infosecwriteups.com/building-my-first-offensive-security-agent-part-1-7b2dbb93c842
Show Original Post
fstackbulletin (@fstackbulletin@mastodon.social)
State in the url in #React (the right way)
https://medium.com/@meric.emmanuel/state-in-the-url-in-react-the-right-way-3b031a3b183a
Show Original Post
mortoray (@mortoray@peoplemaking.games)
React Hooks Demystified: The mechanics of useState
Explore how React's useState hook works under the hood and understand how state is tracked across renders -- a key to writing correct and predictable code.
https://mortoray.com/react-hooks-demystified-the-mechanics-of-usestate/
Show Original Post
miked (@miked@mastodon.gamedev.place)
Hammad Hassan talking about “The Unwritten Rules of Fast React Apps” at DevTalks Cluj 2025.
#tech #conference #romania #react #frontend #web
Show Original Post
anime (@anime@jforo.com)
https://www.project-anime.com/1292768/ 【Anime Reaction】Dandadan 2nd Season/ダンダダン 第2期 Episodes 9-12 ! Peak is back let’s go part 2 ! #2025Summer #2025SummerAnime #2025年夏開始の新作アニメ #Anime #CoverCorp #ExoticBankai #hololive #HololiveReaction #HOLOSTARS #ichikara #IndieVtubers #nijisanji #NijisanjiReaction #react #reaction #utaite #VOMS #vsingers #Vtuber #vtuberreaction #アニメ. #ダンダダン第2期 #にじさんじ #ホロライブ #新作アニメ 【Anime Reaction】Dandadan 2nd Season/ダンダダン 第2期 Episodes 9-12 ! Peak is back
Show Original Post
gregstoll (@gregstoll@techhub.social)
Ported an app from .NET MAUI to React Native/Expo! https://gregstoll.wordpress.com/2025/09/24/ported-an-app-from-net-maui-to-react-native-expo/ #Essay, #Javascript, #Maui, #Programming, #Projects, #React
Show Original Post
ianiv (@ianiv@mastodon.social)
A custom built SPA framework based on modern web APIs can be 80%-90% faster than React, with 50% the memory footprint. Only one runtime dependency (DOMPurify)
After years of wanting to do this I finally had a chance to build it with my coworkers. It is so good.
Show Original Post
robrich (@robrich@hachyderm.io)
https://react.dev/reference/react/experimental_taintObjectReference - #React's experimental "taintObjectReference lets you prevent a specific object instance from being passed to a Client Component like a user object." But clone the object and it's no longer tainted.
Show Original Post
fstackbulletin (@fstackbulletin@mastodon.social)
I've tried Solid.js, now I'm starting to hate #React
https://alemtuzlak.hashnode.dev/ive-tried-solidjs-now-im-starting-to-hate-react
Show Original Post