From the course: JavaScript: Security Essentials
Best practices for CSRF threats - JavaScript Tutorial
From the course: JavaScript: Security Essentials
Best practices for CSRF threats
- [Instructor] So let's review the best practices to prevent CSRF issues with your application or site. As we've covered quite a bit already, always apply token-based authentication with tools such as JWT libraries like Auth0. If you don't like what Auth0 has to offer, there are other libraries you can take a look at on the jwt.io site. If you don't have any ways to protect for CSRF, an attacker can do all kinds of no-goods on your application or website. And all the rules explored in the previous chapter or even across this course, apply to this case as well. As we've also mentioned many times in this course, use popular libraries such as React and Angular, where they have pre-built tools to mitigate many types of risks, such as CSRF. Angular has a solid HTTP client, if you prefer to use this over Auth0 or JWT. Last but not least, take the time to review the rules at this link, to make sure you understand all the risks and have plans in place to prevent them.
Practice while you learn with exercise files
Download the files the instructor uses to teach the course. Follow along and learn by watching, listening and practicing.
Download courses and learn on the go
Watch courses on your mobile device without an internet connection. Download courses using your iOS or Android LinkedIn Learning app.