https://github.com/andifalk/secure-spa

Security in Single Page Applications
https://github.com/andifalk/secure-spa

angular csrf escaping javascript sanitization security spring-boot typescript xss

Last synced: 2 months ago
JSON representation

Security in Single Page Applications

• Host: GitHub
• URL: https://github.com/andifalk/secure-spa
• Owner: andifalk
• License: apache-2.0
• Created: 2021-03-16T18:17:11.000Z (about 5 years ago)
• Default Branch: main
• Last Pushed: 2023-05-26T09:17:23.000Z (about 3 years ago)
• Last Synced: 2025-12-31T11:46:02.879Z (5 months ago)
• Topics: angular, csrf, escaping, javascript, sanitization, security, spring-boot, typescript, xss
• Language: HTML
• Homepage:
• Size: 22 MB
• Stars: 1
• Watchers: 1
• Forks: 1
• Open Issues: 0
• Metadata Files:
  • Readme: README.md
  • License: LICENSE

Awesome Lists containing this project

README

          
# Secure Single Page Applications

Security Traps in Single Page Applications like

- Cross-Site Scripting (XSS)

- Cross-Site Request Forgery (CSRF)

- ...

## Demos and Playgrounds

Here you find some demos & playgrounds

- Javascript Playground: Some basic xss demos being protected by DOMPurify and Trusted Types

- Angular Playground showing some security stuff like output encoding and sanitizing (automatic & manually)

- React Playground showing similar security stuff like output encoding and manually sanitizing

- Banking Server: Demo to show CSRF attack in action (real customer client, attacker client & rest api server)