From the course: Foundational JavaScript Security
Security misconfiguration resources - JavaScript Tutorial
Security misconfiguration resources
- Security misconfiguration is when you, the developer, do not take the time to properly secure your application or leave breadcrumbs of your security access all over the code. If you look at the code I included in the course, I left an issue in there just for your own investigation. So if you want to take a look at it, open the exercise files, and go to chapter four, and then drop this into Visual Studio Code, for example, and try to figure out where the error is. And if you pause the video right now and go through my code, you'll see what the mistake was. Although small, it's still one that shouldn't be allowed in a production environment. If you guessed it, I left my API key for a news API. That is a no-no and shouldn't be done. Another great example is when one commits his environment config file to the repo. Whether the repo is private or public, it's definitely a big issue. So with access to these elements a hacker…
Contents
- Injection threat resources (2m 1s)
- Broken authentication resources (1m 8s)
- Sensitive data exposure resources (58s)
- XML external entities resources (1m 1s)
- Security misconfiguration resources (1m 27s)
- Secure deserialization resources (44s)
- Challenge: What is secured deserialization? (31s)
- Solution: What is secured deserialization? (51s)