11 articles

📰 Dev.to · Charles Kern

Articles from Dev.to · Charles Kern · 11 articles · Updated every 3 hours · View all reads

All ⚡ AI Lessons (10497) ArXiv cs.AIDev.to · FORUM WEBDev.to AIForbes InnovationOpenAI NewsHugging Face Blog
How to Fix Wildcard CORS in Cursor-Generated Code (CWE-942)
Dev.to · Charles Kern 7h ago
How to Fix Wildcard CORS in Cursor-Generated Code (CWE-942)
TL;DR Cursor and Claude Code default to cors() with no arguments in every Express...
Read article → + Playlist
Why Cursor Keeps Generating Wildcard CORS -- And How to Fix It
Dev.to · Charles Kern 🔐 Cybersecurity ⚡ AI Lesson 2d ago
Why Cursor Keeps Generating Wildcard CORS -- And How to Fix It
TL;DR AI editors almost always default to cors() with no config -- which sets...
View lesson → + Playlist
Why Cursor Keeps Hardcoding Your API Keys (And How to Stop It)
Dev.to · Charles Kern 3d ago
Why Cursor Keeps Hardcoding Your API Keys (And How to Stop It)
TL;DR AI assistants trained on public repos reproduce hardcoded secrets because that's...
Read article → + Playlist
Why Cursor Generates Wildcard CORS in Every Express App
Dev.to · Charles Kern 4d ago
Why Cursor Generates Wildcard CORS in Every Express App
TL;DR Cursor almost always outputs cors() or cors({ origin: '*' }) with no origin...
Read article → + Playlist
Why Cursor Keeps Writing Wildcard CORS Into Your Express API
Dev.to · Charles Kern 5d ago
Why Cursor Keeps Writing Wildcard CORS Into Your Express API
TL;DR Cursor consistently generates cors() with no config -- equivalent to origin:...
Read article → + Playlist
Why Cursor Keeps Setting CORS to * (And How to Fix It)
Dev.to · Charles Kern 6d ago
Why Cursor Keeps Setting CORS to * (And How to Fix It)
TL;DR Wildcard CORS (Access-Control-Allow-Origin: *) shows up in the majority of...
Read article → + Playlist
AI-Generated APIs Keep Shipping Wildcard CORS. Here's the Fix.
Dev.to · Charles Kern 1w ago
AI-Generated APIs Keep Shipping Wildcard CORS. Here's the Fix.
TL;DR Cursor, Claude Code, and Copilot consistently generate Access-Control-Allow-Origin:...
Read article → + Playlist
The IDOR Bug Cursor Keeps Writing Into Your API Routes
Dev.to · Charles Kern 1w ago
The IDOR Bug Cursor Keeps Writing Into Your API Routes
TL;DR AI editors add authentication middleware but routinely skip ownership...
Read article → + Playlist
CORS Wildcard in AI-Generated APIs: What Cursor Gets Wrong
Dev.to · Charles Kern 1w ago
CORS Wildcard in AI-Generated APIs: What Cursor Gets Wrong
TL;DR AI editors default to cors() with zero config in almost every Express/Fastify...
Read article → + Playlist
IDOR in Cursor-Generated APIs: The Auth Check That Never Shows Up
Dev.to · Charles Kern 1w ago
IDOR in Cursor-Generated APIs: The Auth Check That Never Shows Up
TL;DR Cursor and Claude Code generate resource endpoints that authenticate but never...
Read article → + Playlist
3 Broken Auth Bugs Cursor Keeps Writing Into JWT Code
Dev.to · Charles Kern 1w ago
3 Broken Auth Bugs Cursor Keeps Writing Into JWT Code
TL;DR Cursor generates jwt.decode instead of jwt.verify, which skips signature validation...
Read article → + Playlist