
Introduction

Introduction - Prevent CSRF, XSS and XSF attacks

TL;DR: Use the security features built into your framework, and do not inject code through custom mechanisms. Enable the protections integrated in your framework, such as CSRF tokens.
Deny all iframes, or scope them to trusted domains if needed.
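
To check that a response really denies framing or scopes it to trusted domains, the following added example (not part of the original page) classifies the anti-framing headers a server sends. The function name `frame_policy`, the origin `https://partner.example` and the sample headers are assumptions constructed for illustration.

```python
# Added example: audit the anti-framing headers of an HTTP response.
# All header values below are constructed samples, not captured traffic.

def frame_policy(headers, trusted=frozenset()):
    """Classify framing protection as 'deny', 'scoped' or 'open'.

    Returns (verdict, offending_sources). `trusted` holds the lowercase
    origins allowed to embed the page, e.g. {"https://partner.example"}.
    """
    h = {k.lower(): v.strip() for k, v in headers.items()}

    # CSP frame-ancestors takes precedence over X-Frame-Options when both exist.
    for directive in h.get("content-security-policy", "").split(";"):
        parts = directive.split()
        if not parts or parts[0].lower() != "frame-ancestors":
            continue
        sources = [s.lower() for s in parts[1:] if s.lower() != "'none'"]
        if not sources:
            return "deny", []
        # 'self' and explicitly trusted origins are fine; wildcards are not.
        bad = [s for s in sources
               if s != "'self'" and s.rstrip("/") not in trusted]
        return ("open", bad) if bad else ("scoped", [])

    xfo = h.get("x-frame-options", "").upper()
    if xfo == "DENY":
        return "deny", []
    if xfo == "SAMEORIGIN":
        return "scoped", []
    # Header missing, or ALLOW-FROM (obsolete, ignored by current browsers).
    return "open", ([xfo] if xfo else [])


if __name__ == "__main__":
    samples = [
        {"Content-Security-Policy": "default-src 'self'; frame-ancestors 'none'"},
        {"Content-Security-Policy": "frame-ancestors 'self' https://partner.example"},
        {"Content-Security-Policy": "frame-ancestors https://partner.example *"},
        {"X-Frame-Options": "SAMEORIGIN"},
        {},  # no anti-framing header at all
    ]
    for sample in samples:
        print(frame_policy(sample, {"https://partner.example"}), sample)
```

A verdict of `open` means any listed source, or any site at all when the list is empty, can embed the page in an iframe.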