<!DOCTYPE html>
<html>
<head>
<title>My first website</title>
</head>
<body>
<h1>Hello world!</h1>
<p>Welcome to my first website.</p>
<h2>Web Security</h2>
<p id="web-security-question">How would you advise a potential client to secure his/her website from web security attacks? Note: the word count for your answer should not be greater than 250 words.</p>
<p id="web-security-answer">[There are a lot of different threats when it comes to web security, but the most common threats anyone developing a website should be aware of are XSS, SQL injection and CSRF.
There are some good practices a front-end developer should be aware of and use because they are efficient: sanitization of data, secure authorization and authentication, Continuous Integration/Continuous Deployment (CI/CD), network security, and implementation of automatic user timeout.
Briefly explained, sanitization of data is ensuring that the data a system accepts is in the right format, which can be done when using Node.js, which basically sanitizes your HTML code. Secure authorization and authentication are good to use so that authorization and authentication are hard to crack; this can be done by using, for example, OneLogin. CI/CD basically catches any oversights from the developer and helps maintain the reliability of the changes coming to the codebase, for example with GitHub Actions. Network security is a front-end developer's responsibility because he/she must be aware of which networks to connect to and of where to host their website. Implementation of automatic user timeout involves protecting those users who left their credentials hanging in the browser for too long.]</p>
</body>
</html>