Skip to content

andifalk/secure-spa

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

36 Commits
.mvn/wrapper
.mvn/wrapper
 
 
angular-playground
angular-playground
 
 
attacker-server
attacker-server
 
 
banking-server
banking-server
 
 
javascript-playground
javascript-playground
 
 
react-playground
react-playground
 
 
slides
slides
 
 
.gitignore
.gitignore
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
mvnw
mvnw
 
 
mvnw.cmd
mvnw.cmd
 
 
pom.xml
pom.xml
 
 

Repository files navigation

Secure Single Page Applications

Security Traps in Single Page Applications like

  • Cross-Site Scripting (XSS)
  • Cross-Site Request Forgery (CSRF)
  • ...

Demos and Playgrounds

Here you find some demos & playgrounds

  • Javascript Playground: Some basic xss demos being protected by DOMPurify and Trusted Types
  • Angular Playground showing some security stuff like output encoding and sanitizing (automatic & manually)
  • React Playground showing similar security stuff like output encoding and manually sanitizing
  • Banking Server: Demo to show CSRF attack in action (real customer client, attacker client & rest api server)

About

Security in Single Page Applications

Topics

javascript sanitization security angular typescript spring-boot xss csrf escaping

Resources

Readme

License

Apache-2.0 license
Activity

Stars

1 star

Watchers

3 watching

Forks

1 fork
Report repository

Releases

No releases published

Packages

 
 
 

Languages