Dashboard
News
Videos
Code
Resources

SYS::OKUTC --:--:--BUILD c0d3x@v2.14.2

UPLINK::HN/GH/LOBSTERS/DEV● LIVE

Dashboard
News
Videos
Code
Resources

> loading_

c0d3x.org · proprietary · v2.14.2

status privacy changelogBUILT WITH NEXT 16 · REACT 19 · TAILWIND 4// stay curious

// feed

News.aggregator

2 results · page 1/1

2 results

HN GH RD DEV LOB ARX PH TLD clear all ✕

// tags· 2 selected

#1000 #100daysofsolana #100daysofsolona #2026 #a11y #accountability #achievement #activator #actors #adaptive #adopting

#php#commentaires

DEVMay 4, 2026 · 5h ago

Adding comments to a PHP blog without a database

The first article on this blog explained how it was built in 30 minutes with Claude Code. Naturally, a blog needs comments. Same constraints: no database, no external dependencies, no Disqus tracking visitors. Just PHP + JSON files. Built in one session with Claude Code — the interesting part wasn't the code, it was the security audit that followed. A comment system without a database seems trivia

#agenticstandards

#aiassisteddevelopment

#aidiagnostictrust

#angular-roadmap

#architecturecloud

#arquitecturasoftware

#artificial-intelligence

#autoregressivegeneration

#avoidlossescrypto

#backend-roadmap

#backenddevelopment

#bearmarketcrypto

#bedrockagentcore

#bestcryptoapi2026

#blockchain-roadmap

#browserextension

#browserextensions

#careerdevelopment

#childrensliterature

#chromeextension

#cleanarchitecture

#cloudcomputing

#cloudformation

#cognitiveinfrastructure

#commitmessages

#computer-science

#computerscience

#confidentialcomputing

#continuousbatching

#crlfauthenticationbypass

#cross-platform

#cryptocurrency

#cryptoriskmanagement

#cryptotradingbotapi

#customcssfunctions

#dataengineering

#datastructures

#datavisualization

#deep-neural-networks

#desenvolvimento

#devcyclechallenge

#developercareer

#developerproductivity

#developertools

#devsecopsuygulamaları

#digitalsovereigntyai

#digitalthinking

#disasterrecovery

#distributedsystems

#dynamicprogramming

#emailmarketing

#embeddedsystems

#endüstriyelsistemgüvenliği

#engineeringleadership

#engineeringmanagement

#eventsinyourcity

#firstvisittojapan

#gittabanlıaltyapı

#googlechromeextensions

#googlefordeveloper

#healthcareaiethics

#highavailability

#humanaicollaboration

#humanintheloop

#incidentmanagement

#infrastructure

#javascriptlibraries

#jetpackcompose

#juniordevcrisis

#learningtocode

#machine-learning

#machinelearning

#maintainability

#midnightchallenge

#multiagentsystems

#oh-my-zsh-plugin

#parallelrequests

#patientphysicianparadox

#platformengineering

#premadefivemserver

#prematurelockin

#proceduralgeneration

#productengineering

#productivitybeginnerswebdev

#promptengineering

#python-frameworks

#reactnativeotpautoverify

#regimedetection

#reinforcementlearning

#retrocomputing

#secretsmanagement

#selfimprovement

#semanticchunking

#semanticsearch

#softwaredevelopment

#softwareengineering

#softwarequality

#sustainability

#testautomation

#theweeklchallenge

#troubleshooting

#tseasınıfısızmatesti

#vectordatabase

#virtualization

#virtualmachine

#workplaceaitools

#php#commentaires#json#scurit

DEVMay 4, 2026 · 7h ago

A superscript-1 walks past every Go SSRF guard

TL;DR. golang.org/x/net/idna.Lookup.ToASCII runs UTS-46 NFKC mapping 0-9. A pre-IDNA net.ParseIP check rejects the NO_PROXY lists, TLS-SNI routers, and cookie-domain validators that TrimRight + ParseAddr golang.org/x/net/http/httpproxy, the canonical safe pattern, and two I ran into this one while writing a Go HTTP client for a private project. I idna.Lookup.ToASCII canonicalising the host The sha

#security#go#codeql#semgrep