In this section, I am going to describes Angular2 security for developing angular applications and the common applications
vulnerabilities and cross site scripting XSS attacks and XSS also known as one
click attacks.
“How”? “When”? And “Use”?
There are 4 key points to keep in mind when
developing Angular's apps i.e.
1.
The application level securities like
authentication and authorization.
2.
Coding with best Practices.
3.
Preventing cross site scripting (XSS).
4.
Reporting vulnerabilities and HTTP Level
vulnerabilities.
Try the live example of the code shown in this
page.
How
to write Best Practices Applications?
As per my understanding be careful when developing
apps,
1.
We can keep watching latest version
of Angular’s library releases.
2.
Don't try to add hacks or modify to Angular’s
library file.
3.
Avoid Angular’s Security Risk.
4.
Also avoid direct use of the DOM APIs.
5.
Try to use offline template compiler.
6.
Try to prevent CSRF or XSRF attacks
in your web apps.
7.
Try to prevent JSON data in your web
apps.
How
to prevent Cross Site Scripting (XSS)?
This is the most common attacks on the web apps.
To prevent XSS attacks, you must
prevent malicious code from the DOM entering.
What
is the Use the Offline Template Compiler?
The most use of offline template compiler is performance
and it does improve the apps performance.
Also an offline template compiler is used to prevent
vulnerabilities’ class that is called template injection.
Reference,
If you have any doubt to implementing security in the apps, find a professional security reviewer and take help.
I hope you are enjoying with this post! Please share with you friends.
Thank you!!
|
Anil Singh is an author, tech blogger, and software programmer. Book writing, tech blogging is something do extra and Anil love doing it. For more detail, kindly refer to this link..
|