Handles security Angular 4 Apps

How Google Handles Security in Angular 4, 5, 6 and 7 Applications?

The cross-site scripting attack doesn’t cover application-level security and for the applications security will need to implements authentication and authorization.

As you know -
1.     Authentication - Who is this user?
2.     Authorization - What can this user do?

Best Practices to Application Level Security -
1.     Keep updated releases of Angular library. Actually, the security team regularly update the fixes of security and defects in latest versions.
2.     Don't add any custom hack on Angular library. It will create the problem to update the latest library.
3.     You Must Prevent Trusting safe values
4.     You Must Follow the HTTP level vulnerabilities
5.     You Must Prevent Cross-site request forgery (CSR Fattacks)
6.     You Must Prevent Cross-site script inclusion (XSSI)
7.     You Must Prevent Security Policy (CSP)
8.     Avoid direct use of the DOM APIs
9.     Use the offline template compiler
10. Try Server-side XSS protection

Angular Sanitization and Security Contexts -
1.     The HTML is used when interpreting a value as HTML (for example - when binding to innerHtml).
2.     The CSS Style is used when binding CSS into the style property.
3.     URL is used for URL properties like <a href="">.
4.     Resource URL is a URL that will be loaded and executed as code, such as <script src="">

References -

I hope you are enjoying with this post! Please share with you friends!! Thank you!!!

Anil Singh is an author, tech blogger, and software programmer. Book writing, tech blogging is something do extra and Anil love doing it. For more detail, kindly refer to this link..

My Tech Blog - https://www.code-sample.com/
My Books - Book 1 and Book 2

www.code-sample.com/. Powered by Blogger.