/secure-spa

Security in Single Page Applications

Primary LanguageHTMLApache License 2.0Apache-2.0

Secure Single Page Applications

Security Traps in Single Page Applications like

  • Cross-Site Scripting (XSS)
  • Cross-Site Request Forgery (CSRF)
  • ...

Demos and Playgrounds

Here you find some demos & playgrounds

  • Javascript Playground: Some basic xss demos being protected by DOMPurify and Trusted Types
  • Angular Playground showing some security stuff like output encoding and sanitizing (automatic & manually)
  • React Playground showing similar security stuff like output encoding and manually sanitizing
  • Banking Server: Demo to show CSRF attack in action (real customer client, attacker client & rest api server)