
Author
Gloria Garcia
AppSec Engineer
Gloria specialises in application security, with 8 years of experience auditing codebases and securing production web applications. She is an OWASP contributor and regular conference speaker.
6 articles by Gloria Garcia
How to Read a QR Code From a Screenshot on Your Laptop Without Using Your Phone
Someone sent you a QR code on Slack or email, but you are on your laptop. Learn how to decode QR code screenshots securely on Mac or Windows without needing your phone.
Security Headers Every Production Website Should Send
Stop failing penetration tests. Use this practical production checklist for HTTP security headers, including HSTS, CSP, nosniff, Referrer-Policy, and what old headers you should remove.
What Is Quishing? How to Inspect QR Codes Safely Before You Scan
Quishing (QR phishing) hides malicious links inside QR codes. Learn how the attack works, what payloads to watch for, and how to decode QR codes safely before executing them.
What Hidden Metadata Your Photos Reveal — and How to Remove It Safely
Every photo you take can contain hidden EXIF metadata, including GPS coordinates, timestamps, and device details. Learn how to inspect and strip image metadata safely in your browser.
Password vs. Passphrase: Which Is Better for Real-World Security?
Still using short, complex passwords with special characters? Learn why modern password guidance favors length, when passphrases make sense, and how to generate strong credentials safely.
Content Security Policy (CSP) for React and Next.js: The 2026 Implementation Guide
Whitelisting is dead. Learn how to implement a strict nonce-based Content Security Policy in Next.js and React without breaking hydration or third-party scripts.
Want to audit your own project?
The same expertise behind these articles powers CodeAva's audit engine.