Security & Performance
Marius Unger edited this page Mar 14, 2023 · 3 revisions
There are 3 big topics about security in Angular applications:
- Vulnerabilities
- HTTP security headers
- Sanitizer
In addition to the above-mentioned points, we recommend:
- Run `npm audit` in your pipeline so you can respond quickly to new security vulnerabilities.
- Regularly check the dependencies of your released versions that are running in production as well.
- For advanced security scans, commercial tools are also available (e.g. Black Duck).
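One way to turn the `npm audit` recommendation into a pipeline gate is to parse the JSON report and fail the job only on findings at or above a chosen severity. This is an added example, not code from this wiki or project; it assumes the report layout written by `npm audit --json` on npm 7+ (`auditReportVersion` 2), the function names are hypothetical, and the sample report is constructed.

```javascript
// Added example: gate a CI job on an `npm audit --json` report.
// Assumes the npm 7+ report layout (auditReportVersion 2); names are hypothetical.
const SEVERITY_ORDER = ['info', 'low', 'moderate', 'high', 'critical'];

// Return the findings at or above `minSeverity`, worst first.
function findBlocking(report, minSeverity = 'high') {
  const floor = SEVERITY_ORDER.indexOf(minSeverity);
  if (floor === -1) throw new Error(`unknown severity: ${minSeverity}`);
  // A report without a `vulnerabilities` map is not a clean result: fail closed.
  if (!report || typeof report.vulnerabilities !== 'object' || report.vulnerabilities === null) {
    throw new Error('not an npm audit v2 report');
  }
  return Object.values(report.vulnerabilities)
    .filter((v) => SEVERITY_ORDER.indexOf(v.severity) >= floor)
    .map((v) => ({
      name: v.name,
      severity: v.severity,
      direct: Boolean(v.isDirect),      // declared in package.json vs. pulled in transitively
      fixable: Boolean(v.fixAvailable), // `true` or an object describing the fix
    }))
    .sort((a, b) =>
      SEVERITY_ORDER.indexOf(b.severity) - SEVERITY_ORDER.indexOf(a.severity) ||
      a.name.localeCompare(b.name));
}

// Exit code for the pipeline step: 0 = pass, 1 = blocking findings present.
function gate(report, minSeverity = 'high') {
  const blocking = findBlocking(report, minSeverity);
  for (const f of blocking) {
    console.error(`${f.severity.toUpperCase()} ${f.name} ` +
      `(${f.direct ? 'direct' : 'transitive'}, ${f.fixable ? 'fix available' : 'no fix yet'})`);
  }
  return blocking.length > 0 ? 1 : 0;
}

// Constructed sample report; the package names are made up.
const SAMPLE_REPORT = {
  auditReportVersion: 2,
  vulnerabilities: {
    'example-parser': { name: 'example-parser', severity: 'critical', isDirect: false, fixAvailable: true },
    'example-ui-kit': { name: 'example-ui-kit', severity: 'high', isDirect: true, fixAvailable: false },
    'example-logger': { name: 'example-logger', severity: 'low', isDirect: true, fixAvailable: true },
  },
};

console.log('gate exit code:', gate(SAMPLE_REPORT));
```

In a pipeline, the report passed to `gate` would be the parsed output of `npm audit --json`, and the returned value would be used as the step's exit code.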
An overview of how to protect your application can be found here.
A check can be done, for example, via Snyk's Website Vulnerability Scanner.
Sanitization is the inspection of an untrusted value, turning it into a value that is safe to insert into the DOM. More info can be found in the Angular Docs.
A tool for analysing and optimizing your application is Lighthouse.