Cheat sheets

This page is a small set of high-signal external references. Use it when you need quick reminders on:

Input validation in Node.js (what to validate, where, and common pitfalls)
SSRF URL validation bypass patterns (how allowlists/regex checks are commonly bypassed)

JS URL parameter parsing cheat sheet: https://cheatsheetseries.owasp.org/cheatsheets/Nodejs_Security_Cheat_Sheet.html#perform-input-validation
URL validation bypass cheat sheet (SSRF): https://portswigger.net/web-security/ssrf/url-validation-bypass-cheat-sheet