Double URL Encoding Bypass PHP 4.0+
Filters that run on once-decoded input miss double-encoded payloads: %2527 decodes to %27, and a second decode turns that into '. Canonicalise input to the form the sink will actually see before filtering, and treat input that still changes on a second decode as hostile.
2mo ago security advanced
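An added example for this entry (not code from the Codex page): a filter that decodes once beside one that canonicalises to a fixed point and rejects input that needed more than one decode round. The payload, the function names and the two-round heuristic are this example's own assumptions; it requires PHP 8 for str_contains().

```php
<?php
// Added example, not from the Codex entry. Contrasts a filter that decodes
// once with one that canonicalises to a fixed point. Requires PHP 8 for
// str_contains(); the payload below is constructed.

// Naive filter: decode once, then look for a single quote.
function naiveBlocksQuote(string $raw): bool
{
    return str_contains(rawurldecode($raw), "'");
}

// Canonicalise by decoding until the value stops changing.
// Returns [canonical value, number of rounds that changed it].
function canonicalise(string $raw, int $maxRounds = 5): array
{
    $value = $raw;
    for ($rounds = 0; $rounds < $maxRounds; $rounds++) {
        $next = rawurldecode($value);
        if ($next === $value) {
            return [$value, $rounds];
        }
        $value = $next;
    }
    return [$value, $maxRounds];
}

// Hardened filter: legitimate clients encode once, so anything that needed a
// second decode round is rejected outright; otherwise check the canonical form.
function hardenedBlocksQuote(string $raw): bool
{
    [$canonical, $rounds] = canonicalise($raw);
    if ($rounds > 1) {
        return true;
    }
    return str_contains($canonical, "'");
}

// Constructed attacker input: the quote is encoded twice (%27 -> %2527).
$payload = "1%2527%2520OR%25201%253D1";

var_dump(naiveBlocksQuote($payload));     // after one decode the quote is still %27
var_dump(hardenedBlocksQuote($payload));  // two rounds were needed, so it is rejected
var_dump(hardenedBlocksQuote("1%27"));    // a single-encoded quote is still caught
var_dump(hardenedBlocksQuote("100%25"));  // a literal percent sign passes
```

The naive check returns false for the payload and the hardened one returns true. The right decode depth is whatever the downstream sink applies; decoding to a fixed point and refusing multiply-encoded input is a conservative default that works when the sink's decoding is unknown.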
Memory Leaks — Closures, Detached DOM ES2015
JavaScript memory leaks occur when references are accidentally retained — common causes: closures holding large objects, detached DOM nodes, forgotten event listeners, and growing Maps/Sets.
2mo ago javascript advanced
preg_replace /e Modifier (Removed) PHP 3.0+
The /e modifier made preg_replace() eval() the replacement string, with backreferences substituted, as PHP code. It was deprecated in PHP 5.5 and removed in PHP 7.0, where the call fails with an "Unknown modifier" warning. Any legacy code using it with attacker-influenced subject, pattern, or replacement is a critical RCE vulnerability; port it to preg_replace_callback().
2mo ago security advanced
Stream Filter Injection via php:// wrapper PHP 5.0+
PHP stream wrappers in user-controlled include paths turn LFI into something worse: php://filter/convert.base64-encode/resource=... returns the source that include() would otherwise execute, and php://input executes the POST body when allow_url_include is on. Never build file paths from user input; map request values to an allow-list of files.
2mo ago security advanced
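An added example for this entry (not code from the Codex page). It writes two constructed files into a temp directory, shows that a user-controlled include path leaks config.php's source through php://filter even with a fixed .php suffix, and then the allow-list version. The file names, contents and function names are this example's assumptions; nothing here needs allow_url_include.

```php
<?php
// Added example, not from the Codex entry. Builds two constructed files in a
// temp directory, leaks one through php://filter via a user-controlled
// include path, then shows the allow-list fix. Needs no allow_url_include.

$dir = sys_get_temp_dir() . '/wrapper_demo_' . bin2hex(random_bytes(4));
mkdir($dir);
file_put_contents("$dir/home.php",   "<?php echo 'home page';");
file_put_contents("$dir/config.php", "<?php \$dbPassword = 'hunter2';");
chdir($dir);

// Vulnerable: ?page=... goes straight into include(). The .php suffix does
// not help, because php://filter takes it as part of the resource name.
function renderVulnerable(string $page): string
{
    ob_start();
    include $page . '.php';
    return ob_get_clean();
}

// Hardened: the request selects a key in a fixed map, never a path.
function renderHardened(string $page): string
{
    $pages = ['home' => 'home.php'];
    if (!isset($pages[$page])) {
        throw new InvalidArgumentException('Unknown page');
    }
    ob_start();
    include $pages[$page];
    return ob_get_clean();
}

// Constructed attacker value for the page parameter.
$payload = 'php://filter/convert.base64-encode/resource=config';

$leaked = renderVulnerable($payload);
echo "vulnerable output: $leaked\n";
echo "decoded: ", base64_decode($leaked), "\n";   // config.php source, password included

echo renderHardened('home'), "\n";
try {
    renderHardened($payload);
} catch (InvalidArgumentException $e) {
    echo $e->getMessage(), "\n";
}

// Remove the constructed files.
unlink("$dir/home.php");
unlink("$dir/config.php");
chdir(sys_get_temp_dir());
rmdir($dir);
```

The base64 filter matters because include() would execute config.php and print nothing; encoding it first turns the file into plain text that include() simply outputs. The hardened version never lets the request name a file or wrapper at all.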
Template Literal Types 4.1
TypeScript template literal types combine string literals with type interpolation — type EventName = `on${Capitalize<string>}` — enabling precise string-pattern type constraints.
2mo ago typescript advanced
Type Coercion in Authentication Checks PHP 4.0+
PHP's loose comparison (==) coerces types: '0e123' == '0e456' is true because both are numeric strings that parse to 0.0, and 0 == 'admin' is true on PHP 7 (PHP 8 compares an int against a non-numeric string as strings, so it is false there, but the numeric-string case still holds). Compare credentials and hashes with === or hash_equals(), never with ==.
2mo ago security advanced
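An added example for this entry (not code from the Codex page): the "magic hash" collision under ==, the PHP 7/8 difference for 0 == 'admin', and the comparisons that are safe. The two passwords whose MD5 digests start with 0e are well-known test values; the function names are this example's own.

```php
<?php
// Added example, not from the Codex entry. Shows the magic-hash collision
// under ==, the PHP 7/8 difference for int vs string, and the safe checks.
// The sample passwords are constructed test values.

// Both digests have the form 0e<digits>, which PHP reads as the numeric
// string 0 * 10^n, so == compares them as equal floats.
$storedHash   = md5('240610708');
$suppliedHash = md5('QNKCDZO');

echo "stored:   $storedHash\n";
echo "supplied: $suppliedHash\n";
var_dump($storedHash == $suppliedHash);   // loose: the wrong password matches
var_dump($storedHash === $suppliedHash);  // strict: different strings

// int vs non-numeric string: true on PHP 7, false on PHP 8, where a
// non-numeric string makes the comparison a string comparison.
var_dump(0 == 'admin');
// Two numeric strings are still compared numerically on PHP 8.
var_dump('0e123' == '0e456');

// Vulnerable check: loose comparison of a hash.
function passwordMatchesLoose(string $storedMd5, string $candidate): bool
{
    return md5($candidate) == $storedMd5;
}

// Hardened checks: password_verify() for passwords, hash_equals() for
// tokens and MACs (strict and constant-time).
function passwordMatchesStrict(string $storedHash, string $candidate): bool
{
    return password_verify($candidate, $storedHash);
}

function tokenMatches(string $expected, string $given): bool
{
    return hash_equals($expected, $given);
}

var_dump(passwordMatchesLoose(md5('240610708'), 'QNKCDZO'));
var_dump(passwordMatchesStrict(password_hash('240610708', PASSWORD_DEFAULT), 'QNKCDZO'));
var_dump(tokenMatches('0e123', '0e456'));
```

The loose check accepts 'QNKCDZO' for an account whose password is '240610708'; the strict and hash_equals() checks reject both mismatches. hash_equals() also avoids the timing leak of === on secrets.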
Variable Variables ($$var) Risks PHP 3.0+
$$var creates or reads a variable whose name is the value of $var. Feeding it user input lets an attacker read or overwrite any variable in scope, including authorisation flags, which is effectively a backdoor.
2mo ago security advanced
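An added example for this entry (not code from the Codex page). A constructed request shows how $$var lets the client choose which local variable to overwrite, followed by a version that accepts only allow-listed setting names. The request shape and function names are this example's assumptions.

```php
<?php
// Added example, not from the Codex entry. A constructed request overwrites
// an authorisation flag through $$var; the hardened version allow-lists names.

// Vulnerable: the client chooses the variable name.
function applySettingVulnerable(array $request): bool
{
    $isAdmin = false;
    $theme = 'light';

    $name = $request['setting'];   // attacker-controlled
    $$name = $request['value'];    // creates or overwrites any local variable

    return $isAdmin;
}

// Hardened: only names in a fixed map are accepted, and settings live in an
// array rather than in bare variables next to security state.
function applySettingHardened(array $request): bool
{
    $state = ['isAdmin' => false, 'theme' => 'light'];
    $allowed = ['theme' => true];

    $name = $request['setting'];
    if (!isset($allowed[$name])) {
        throw new InvalidArgumentException("Unknown setting: $name");
    }
    $state[$name] = $request['value'];

    return $state['isAdmin'];
}

// Constructed malicious request: flips the flag the client was never meant to touch.
$attack = ['setting' => 'isAdmin', 'value' => true];

var_dump(applySettingVulnerable($attack));
try {
    applySettingHardened($attack);
} catch (InvalidArgumentException $e) {
    echo $e->getMessage(), "\n";
}
```

The vulnerable function returns true because $$name resolved to $isAdmin; the hardened one rejects the request before any assignment. The same reasoning applies to extract() on request arrays and to dynamic property or method names built from user input.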
IndexedDB ES2015
Browser-native NoSQL database for offline-capable web apps (a browser API, not a PHP feature): stores structured data that survives page reloads and complements service workers.
3mo ago javascript advanced
2FA Bypass Techniques PHP 5.0+
Common ways attackers circumvent two-factor authentication — SIM swapping, real-time phishing proxies, SS7 attacks, backup code theft, and session cookie hijacking after authentication.
3mo ago security advanced
Aggregate Design Heuristics (diagram) PHP 7.0+
Rules for sizing aggregates correctly — small aggregates with single-entity transactions, referencing other aggregates by ID, and designing boundaries around invariants not convenience.
3mo ago architecture advanced
AI Evaluation Metrics 🧠 4
Quantitative measures for assessing LLM output quality — BLEU, ROUGE, perplexity for text generation; precision, recall, F1 for classification; human evaluation for open-ended tasks.
3mo ago ai_ml advanced
AI Function Calling & Tool Use PHP 8.0+
LLMs requesting execution of application-defined functions: the model returns structured arguments; the application decides whether to execute, validates the arguments as untrusted input, and authorises the call against the requesting user's permissions rather than the model's.
3mo ago ai_ml advanced
Amortized Analysis
Averaging the cost of an operation over a sequence — explaining why dynamic array append is O(1) amortised despite occasional O(n) resizes.
3mo ago algorithms advanced
API Abuse Prevention (diagram) PHP 5.0+
Techniques to detect and block bots, scrapers, credential stuffing, and automated abuse — beyond basic rate limiting to behavioural and intelligence-based controls.
3mo ago security advanced
API Composition Pattern
An API layer aggregates parallel service calls into a single client response — reducing N round trips to 1 and improving perceived latency.
3mo ago architecture advanced
API Contract Testing 🧠 1
Consumer-driven contract tests verify that a provider API matches what consumers expect — catching breaking changes before deployment, without end-to-end tests.
3mo ago api_design advanced
B-Trees & B+ Trees
Self-balancing tree structures used in database indexes: each node holds many keys, so the tree stays shallow and a lookup touches few disk pages; B+ trees keep all records in linked leaves, which turns a range query into a sequential scan.
3mo ago data_structures advanced
Backends for Frontends (BFF) (diagram) PHP 7.0+
A dedicated API layer per frontend client (mobile app, web app, third-party) — each BFF aggregates and transforms microservice data for its specific client's needs.
3mo ago architecture advanced
Block Cipher Modes PHP 7.1+
How a block cipher (AES) processes data larger than one block: ECB leaks plaintext patterns and is insecure; CBC needs an unpredictable IV and a MAC (encrypt-then-MAC) or it is malleable; GCM provides authenticated encryption and is the correct default, provided the 96-bit nonce is never reused under the same key.
3mo ago cryptography advanced
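An added example for this entry (not code from the Codex page): ECB leaking repeated blocks, then AES-256-GCM with a fresh nonce per message, associated data, and tag verification that rejects a tampered ciphertext. The blob layout (nonce || tag || ciphertext), the function names and the sample messages are this example's assumptions; it needs PHP 7.1+ for the AEAD parameters of openssl_encrypt().

```php
<?php
// Added example, not from the Codex entry. Shows ECB leaking repeated
// blocks, then AES-256-GCM with a fresh nonce per message and tag checking.
// Keys and messages are constructed. Requires PHP 7.1+.

$key = random_bytes(32);

// ECB: identical plaintext blocks produce identical ciphertext blocks.
$ecb = openssl_encrypt(str_repeat('A', 32), 'aes-256-ecb', $key, OPENSSL_RAW_DATA);
var_dump(substr($ecb, 0, 16) === substr($ecb, 16, 16));   // the pattern survives encryption

// GCM: output layout is nonce (12 bytes) || tag (16 bytes) || ciphertext.
function encryptGcm(string $key, string $plaintext, string $aad = ''): string
{
    $nonce = random_bytes(12);   // a fresh nonce per message; never reuse one under a key
    $tag = '';
    $ct = openssl_encrypt($plaintext, 'aes-256-gcm', $key, OPENSSL_RAW_DATA, $nonce, $tag, $aad, 16);
    if ($ct === false) {
        throw new RuntimeException('encryption failed');
    }
    return $nonce . $tag . $ct;
}

// Returns null when the tag does not verify: tampered ciphertext, wrong AAD or wrong key.
function decryptGcm(string $key, string $blob, string $aad = ''): ?string
{
    if (strlen($blob) < 28) {
        return null;
    }
    $nonce = substr($blob, 0, 12);
    $tag   = substr($blob, 12, 16);
    $ct    = substr($blob, 28);
    $pt = openssl_decrypt($ct, 'aes-256-gcm', $key, OPENSSL_RAW_DATA, $nonce, $tag, $aad);
    return $pt === false ? null : $pt;
}

$aad  = 'user=42';   // authenticated context that is not itself encrypted
$blob = encryptGcm($key, 'transfer 100 to bob', $aad);

var_dump(decryptGcm($key, $blob, $aad));   // round-trips

// Flip one ciphertext byte: GCM refuses to decrypt instead of returning garbage.
$tampered = $blob;
$tampered[28] = chr(ord($tampered[28]) ^ 0x01);
var_dump(decryptGcm($key, $tampered, $aad));

// Replay the ciphertext under a different context: the AAD mismatch is also rejected.
var_dump(decryptGcm($key, $blob, 'user=43'));
```

Both the tampered blob and the AAD mismatch return null, which is the property CBC without a MAC lacks. With a random 96-bit nonce, keep the number of messages per key well below 2^32 so the nonce-collision probability stays negligible, or derive per-message keys.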
Business Logic Abuse
Exploiting flaws in application workflows rather than technical vulnerabilities — bypassing payment steps, abusing discount codes, manipulating quantity fields, or racing concurrent requests.
3mo ago security advanced