Sunday, December 15, 2013

Security Practices When Making Calls to Server From Client Side

With HTML5 being adopted more widely and more application logic moving to the client side, better (or rather, a different type of) security should be considered to mitigate the risk. Nettuts+ discussed some of the measures that can be deployed for just that. The topics are:

  • Don’t Even Think About HTTP
  • Make XSS Less Harmful With Content Security Policy
  • Use Cross Origin Resource Sharing Instead of JSONP
  • Sandbox Potentially Harmful Iframes

» Client-Side Security Best Practices | Nettuts+
