Home| All soft| Last soft| Your Orders| Customers opinion| Helpdesk| Cart

Program Search:


Shopping Cart:




*Note: Minimum order price: €20
We Recommend:

Pluralsight AngularJS Security Fundamentals €10 buy download

2015
Pluralsight
Troy Hunt
2h27m
English

Client side frameworks such as AngularJS have become enormously popular due to their ability to streamline the development process and make more responsive web applications by moving workload from the server to the browser. With the popularity and enthusiasm around these frameworks also comes confusion about their security profiles and associated risks. Often, when developers build client apps with server back ends they approach the application as though they control the entire ecosystem. Assumptions are often made that the client they built will only ever talk to the server side APIs they built in the way they designed them. This view often overlooks the risk of an attacker circumventing the client controls and executing calls directly against the server side A9PI outside the intended scope of the application. Much of this course is about helping developers understand where the security boundaries of client side frameworks begin and end. It does this by demonstrating common implementation patterns using Angular and illustrating where security weaknesses may be introduced. It also highlights specific defenses implemented by Angular, and demonstrates the mechanics of how they work, and how they may be misconfigured to introduce risks.

Introduction 15:42
Overview 1:36
Why Angular Security? 3:43
Who This Course Is For 2:39
About the Course 2:24
Introducing the Insecure AngularJS App 3:42
Summary 1:34
Understanding Client Framework Security Boundaries 28:03
Overview 1:55
The Composition of AngularJS 3:37
Overview of the Web Stack 3:09
Typical Security Risks in the Stack 4:41
Defending the Stack 4:52
Always Assume the Client Is Compromised 2:57
Circumventing the Client 4:15
Summary 2:34
Working with Security Controls on the Server 38:27
Overview 1:48
Understanding Page Lifecycles 5:46
Authentication and Identity Persistence 2:40
Cookies Versus Tokens 4:58
Sending the Bearer Token 4:00
Persisting the Bearer Token When the DOM Is Unloaded 5:00
Exploiting Insufficient Authorization 4:45
The Risk Behind Client Side Security Trimming 3:50
Securing Templates Versus Securing Services 3:17
Summary 2:17
Common Security Flaws on the Client Side 32:24
Overview 1:44
Understanding DOM Versus HTML Source 4:09
Security Assumptions and the Risk of "View Source" 4:15
Excessive Model Attributes in API Responses 3:20
Understanding Output Encoding in Client Libraries 6:13
HTTP Only and Secure Cookies 4:47
The Risk of Cross Site Request Forgery 5:24
Summary 2:28
Security Constructs Within AngularJS 32:43
Overview 1:49
Protecting Against Cross Site Request Forgery 8:29
Using the ngSanitize Module 5:57
Working with Unsanitized HTML 5:46
The Danger of Server Side Templates Rendering User Input 8:18
Summary 2:22

http://pluralsight.com/



Download File Size:285.97 MB

Pluralsight AngularJS Security Fundamentals
€10
Customers who bought this program also bought:

Home| All Programs| Today added Progs| Your Orders| Helpdesk| Shopping cart      





FileMaker Pro 19 €50

Pinnacle Studio Ultimate 25 €25

CorelDRAW Graphics Suite 2022 €65





CorelDRAW Graphics Suite 2021.5 for Mac €65

 		             

Adobe Master Collection 2021 for Mac €260





Orchestral Tools TIME micro KONTAKT €40

Steinberg HALion 6.4.0.101 STANDALONE €40

Native Instruments Komplete 12 Ultimate Collectors Edition €50