Security basics

  1. SQL injection

  2. cross-site scripting (XSS): use helmet; in Handlebars, output values with double curly brackets so they are HTML-escaped

  3. OS command injection: use fs.unlink rather than a shell command; use worker_threads

  4. remote code execution: do not use require/eval on untrusted input

  5. token generation: use uid-safe

  6. cookies can be tampered with by the client

  7. th:utext (Thymeleaf unescaped output)
