How does Angular (2) handle XSS and CSRF. Does it even handle these attacks?
If so, what do I have to do to use this protection? If not, do I have to handle all these attacks in my server, or somehow with TypeScript in the frontend?
I have read that you have to use "withCredentials: true
", but I'm not quite sure where to put this code or if it is even that, what I'm looking for.
In the https://angular.io/ webpage I didn't find anything about this (or I just missed it).
See Question&Answers more detail:
os 与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…