Juan Palomino Your Login Redirect Is Probably a Security Hole A quick guide to open redirect vulnerabilities — and why your returnUrl parameter needs a babysitter. You ship a login page. Users hit a protected route, get bounced to /login , and after authenticati... Mar 26, 2026
Engineering Team The Silent SEO Killer: When Your Canonical URLs Point to the Wrong Domain How a single config line can make your production site invisible to Google and the principled fix that prevents it from ever happening again. The Discovery We found the bug during a routine SEO audit.... Mar 26, 2026
