Expanded

React Security: Best Practices

React applications are often built to provide delightful experience to users but the resulting complexity can lead to security issues. This course will teach you how to harden your user interface code and prevent attacks against React components.
Course info
Level
Intermediate
Updated
Jul 20, 2021
Duration
1h 5m
Table of contents
Description
Course info
Level
Intermediate
Updated
Jul 20, 2021
Duration
1h 5m
Description

Users expect Web applications to be secure and React apps are no different. In this course, React Security: Best Practices, you’ll learn to improve the security of your React applications. First, you’ll explore how to use React features to prevent cross-site scripting attacks. Next, you’ll discover how to safely render dynamic HTML in your React components. Finally, you’ll learn how to prevent code injection vulnerabilities when using server-side rendering. When you’re finished with this course, you’ll have the skills and knowledge of React security best practices needed to better protect your users.

About the author
About the author

Marcin Hoppe is a senior manager on the Product Security team at Auth0. He is passionate about writing secure JavaScript code and is an active member of the open source security community.

More from the author
Securing Your GitHub Project
Intermediate
1h 32m
Mar 4, 2021
JavaScript Security: Best Practices
Intermediate
1h 31m
Aug 20, 2020
Section Introduction Transcripts
Section Introduction Transcripts

Course Overview
Hi everyone. My name is Marcin Hoppe. Welcome to my Pluralsight course, React Security: Best Practices. I am a software engineer, and I specialize in building secure applications and APIs. I am very passionate about teaching developers like you about web security. Web applications are everywhere, from ordering meals online, to doing banking on the internet. Users have very high expectations about security of online services they depend on in their lives. The web is also a tremendous opportunity for criminals and other malicious actors. Security holes in applications can be disastrous both for consumers and for businesses. This is no different for front end applications that increasingly depend on React as their fundamental building block. In this course, we're going to learn how to harden your React applications against the most common types of attacks. We are going to cover: cross‑site scripting vulnerabilities, automatic protections applied by React, data sanitization techniques, insecure React APIs such as dangerouslySetInnerHTML and the refs, risks in server‑side rendered components. By the end of this course, you'll understand the most common threats to React components, and you will know how to write more secure React code. I hope you'll join me on this journey to learn how to protect your front end applications with the React Security: Best Practices course at Pluralsight.