computer-scienceangular-roadmapbackend-roadmapblockchain-roadmapdba-roadmapdeveloper-roadmapdevops-roadmapfrontend-roadmapgo-roadmaphactoberfestjava-roadmapjavascript-roadmapnodejs-roadmappython-roadmapqa-roadmapreact-roadmaproadmapstudy-planvue-roadmapweb3-roadmap
You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
11 lines
801 B
11 lines
801 B
# Cross-site Scripting |
|
|
|
Cross-site scripting (XSS) enables attackers to inject malicious code into web pages. Such code can then, for example, steal user and login data, or perform actions that impersonate the user. |
|
This has been one of the biggest web security vulnerabilities for over a decade. |
|
|
|
To systematically block XSS bugs, Angular treats all values as untrusted by default. When a value is inserted into the DOM from a template binding, or interpolation, Angular sanitizes and escapes untrusted values. |
|
|
|
Visit the following resources to learn more: |
|
|
|
- [@official@Angular Official Docs - Preventing cross-site scripting (XSS)](https://angular.dev/best-practices/security#preventing-cross-site-scripting-xss) |
|
- [@article@Mitigate cross-site scripting (XSS)](https://web.dev/articles/strict-csp) |