98: Ryan Chenkie - Securing Single Page Applications
- Author
- Adam Wathan
- Published
- Wed 26 Sep 2018
- Episode Link
- https://share.transistor.fm/s/c4f73b06
Topics include:
- What JSON Web Tokens are and how to use them to authenticate users
- Strategies for invalidating stateless API tokens
- Using cookie and session authentication
- Using authentication-as-a-service solutions like Auth0
- Proxying requests to your API to simplify CORS issues
- Protecting against XSS attacks
Sponsors:
- Cloudinary, sign up and get 300,000 images/videos, 10GB of storage and 20GB of monthly bandwidth for free
- Rollbar, sign up at https://rollbar.com/fullstackradio to try their Bootstrap Plan free for 90 days
Links:
- JSON Web Tokens
- Securing Angular Applications, Ryan's book
- Security Headers scanning tool
- "I’m harvesting credit card numbers and passwords from your site. Here’s how."
- https://auth0.com/
- "CORS is bad for performance" Twitter thread
