JavaScript Security

About This Book

• Understand the JavaScript security issues that are a result of both the frontend and the backend of a web app
• Learn to implement Security techniques to avoid cross site forgery and various JavaScript vulnerabilities.
• Secure your JavaScript environment from the ground up, with step-by-step instructions covering all major ways to tackle Security issues

Who This Book Is For

This book is for JavaScript developers having basic web development knowledge and also for those who want to explore the security issues that arise from the use of JavaScript. Prior knowledge of how JavaScript is used, such as for DOM manipulation or to perform Ajax operations, is assumed.

What You Will Learn

• Review the features of JavaScript and its vulnerabilities
• Use JavaScript in tandem with Ajax RESTful APIs
• Deal with cross-site scripting
• Make basic GET and POST calls to an endpoint
• Explore what cross-site forgery is and how to deal with it
• Avoid misplaced trust in the client and explore various examples
• Understand JavaScript phishing

In Detail

This book starts off with an introduction to JavaScript security and gives you an overview of the basic functions JavaScript can perform on the Web, both on the client side and the server side. It demonstrates a couple of ways in which RESTful APIs can be laden with security flaws. You will also create a simple RESTful server using Express.js and Node.js. You will then focus on one of the most common JavaScript security attacks, cross-site scripting, and how to prevent cross-site scripting and cross-site forgery.

Last but not least, the book covers JavaScript phishing, how it works, and ways to counter it.

By the end of this book, you will be able to identify various risks of JavaScript and how to prevent them.