andifalk / secure-spa

Security in Single Page Applications

Secure Single Page Applications

Security traps in single page applications, such as:

  • Cross-Site Scripting (XSS)
  • Cross-Site Request Forgery (CSRF)
  • ...

Demos and Playgrounds

Here you will find some demos and playgrounds:

  • JavaScript Playground: Some basic XSS demos protected by DOMPurify and Trusted Types
  • Angular Playground: Shows security features such as output encoding and sanitizing (automatic and manual)
  • React Playground: Shows similar security features such as output encoding and manual sanitizing
  • Banking Server: Demo showing a CSRF attack in action (real customer client, attacker client, and REST API server)


License: Apache License 2.0


Languages

  • HTML 33.0%
  • Java 26.3%
  • TypeScript 21.6%
  • CSS 12.2%
  • JavaScript 6.8%