A podcast about web design and development.
Content provided by Adam Wathan. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by Adam Wathan or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://player.fm/legal.
98: Ryan Chenkie - Securing Single Page Applications
Topics include:
- What JSON Web Tokens are and how to use them to authenticate users
- Strategies for invalidating stateless API tokens
- Using cookie and session authentication
- Using authentication-as-a-service solutions like Auth0
- Proxying requests to your API to simplify CORS issues
- Protecting against XSS attacks
Sponsors:
- Cloudinary, sign up and get 300,000 images/videos, 10GB of storage and 20GB of monthly bandwidth for free
- Rollbar, sign up at https://rollbar.com/fullstackradio to try their Bootstrap Plan free for 90 days
Links:
- JSON Web Tokens
- Securing Angular Applications, Ryan's book
- Security Headers scanning tool
- "I’m harvesting credit card numbers and passwords from your site. Here’s how."
- https://auth0.com/
- "CORS is bad for performance" Twitter thread
152 episodes