🚀 The Ultimate Angular Adapter for TanStack Query | by Netanel Basal | Nov, 2023 | Netanel Basal
https://netbasal.com/the-ultimate-angular-adapter-for-tanstack-query-fac41b244c6f
https://netbasal.com/the-ultimate-angular-adapter-for-tanstack-query-fac41b244c6f
Medium
🚀 The Ultimate Angular Adapter for TanStack Query
Angular Official Docs are pretty great! Security in #Angular is important! 🔐
Things you should remember!!! 👇
🔐 Best Practices
➼ Stay updated with Angular library releases.
➼ Avoid altering Angular core
➼ Steer clear of APIs marked "Security Risk".
🔐 XSS Prevention
➼ Block malicious code entry to DOM.
➼ Angular treats all values as untrusted by default.
➼ Sanitizes values inserted into DOM from templates.
➼ Templates are trusted; avoid creating them with user input.
🔐 Sanitization and Security Contexts
➼ Angular sanitizes values for HTML, styles, URLs.
➼ Context-specific: HTML, Style, URL, Resource URL.
➼ Development mode warnings for sanitization changes.
🔐 Direct DOM API Use & Explicit Sanitization
➼ Use Angular templates over direct DOM interaction.
➼ For unavoidable cases, use Angular sanitization functions.
🔐 Trusting Safe Values
➼ Use DomSanitizer for necessary executable code or URLs.
➼ Context-specific methods liek bypassSecurityTrustHtml.
🔐 Content Security Policy (CSP)
➼ Prevents XSS via web server configuration.
➼ Requires unique per-request nonces for Angular to render styles.
🔐 Enforcing Trusted Types
Use HTTP headers with one of the following Angular Policies:
➼ angular
➼ angular#unsafe-bypass
➼ angular#unsafe-jit
➼ angular#bundler
🔐 Server-side XSS Protection
➼ Avoid creating Angular templates on the server side.
➼ Use templating languages that auto-escape values.
🔐 HTTP-level Vulnerabilities
➼ Built-in support for CSRF/XSRF and XSSI.
➼ Cooperate server and client for anti-XSRF technique.
🔐 Auditing Angular Applications
➼ Follow regular web app security principles.
➼ Audit Angular-specific APIs marked as sensitive.
More in depth look can be found in Docs: https://angular.dev/guide/security
Things you should remember!!! 👇
🔐 Best Practices
➼ Stay updated with Angular library releases.
➼ Avoid altering Angular core
➼ Steer clear of APIs marked "Security Risk".
🔐 XSS Prevention
➼ Block malicious code entry to DOM.
➼ Angular treats all values as untrusted by default.
➼ Sanitizes values inserted into DOM from templates.
➼ Templates are trusted; avoid creating them with user input.
🔐 Sanitization and Security Contexts
➼ Angular sanitizes values for HTML, styles, URLs.
➼ Context-specific: HTML, Style, URL, Resource URL.
➼ Development mode warnings for sanitization changes.
🔐 Direct DOM API Use & Explicit Sanitization
➼ Use Angular templates over direct DOM interaction.
➼ For unavoidable cases, use Angular sanitization functions.
🔐 Trusting Safe Values
➼ Use DomSanitizer for necessary executable code or URLs.
➼ Context-specific methods liek bypassSecurityTrustHtml.
🔐 Content Security Policy (CSP)
➼ Prevents XSS via web server configuration.
➼ Requires unique per-request nonces for Angular to render styles.
🔐 Enforcing Trusted Types
Use HTTP headers with one of the following Angular Policies:
➼ angular
➼ angular#unsafe-bypass
➼ angular#unsafe-jit
➼ angular#bundler
🔐 Server-side XSS Protection
➼ Avoid creating Angular templates on the server side.
➼ Use templating languages that auto-escape values.
🔐 HTTP-level Vulnerabilities
➼ Built-in support for CSRF/XSRF and XSSI.
➼ Cooperate server and client for anti-XSRF technique.
🔐 Auditing Angular Applications
➼ Follow regular web app security principles.
➼ Audit Angular-specific APIs marked as sensitive.
More in depth look can be found in Docs: https://angular.dev/guide/security
angular.dev
Home • Angular
The web development framework for building modern apps.
Just ignore 😅
Please open Telegram to view this post
VIEW IN TELEGRAM
Tree-shakable by default | blog | Matthieu Riegler
https://riegler.fr/blog/2023-10-08-tree-shakable-as-default
https://riegler.fr/blog/2023-10-08-tree-shakable-as-default
riegler.fr
Tree-shakable by default
Don't run with a backpack full of rocks
Krypto im Advent -> für den Security Nachwuchs!
gerne auch teilen...
https://krypto-im-advent.de | https://www.linkedin.com/posts/dalini_krypto-im-advent-activity-7126553451487989761-S7RZ?utm_source=share&utm_medium=member_desktop | https://x.com/ektoplant/status/1720781860136001776?s=20
In den meisten Geschäften startet die Weihnachtsdeko - also wird es auch wieder Zeit sich für 🎄 Krypto im Advent 2023 🎄 anzumelden!
Das Online-Weihnachtstürchen-Gewinnspiel 🎁 für angehende Krypto-Experts: Entry-Level Klasse 3-6 und in Klasse 7-10 für Fortgeschrittene!
Jetzt anmelden und ab 01.12. mit rätseln 💻 und gewinnen!
Profis dürfen auch mitmachen aber ohne Gewinnoption! 😉
Alle Details findet ihr auf https://krypto-im-advent.de
#mint #schule #krypto #securityculture
gerne auch teilen...
https://krypto-im-advent.de | https://www.linkedin.com/posts/dalini_krypto-im-advent-activity-7126553451487989761-S7RZ?utm_source=share&utm_medium=member_desktop | https://x.com/ektoplant/status/1720781860136001776?s=20
In den meisten Geschäften startet die Weihnachtsdeko - also wird es auch wieder Zeit sich für 🎄 Krypto im Advent 2023 🎄 anzumelden!
Das Online-Weihnachtstürchen-Gewinnspiel 🎁 für angehende Krypto-Experts: Entry-Level Klasse 3-6 und in Klasse 7-10 für Fortgeschrittene!
Jetzt anmelden und ab 01.12. mit rätseln 💻 und gewinnen!
Profis dürfen auch mitmachen aber ohne Gewinnoption! 😉
Alle Details findet ihr auf https://krypto-im-advent.de
#mint #schule #krypto #securityculture
krypto-im-advent.de
Startseite | Krypto-im-Advent
Krypto im Advent ist ein interaktiver Adventskalender für Schüler/innen der Klassen 3 bis 10, der dich in die Welt der Verschlüsselung entführt.
DOM reading and writing with new lifecycle hooks in Angular - DEV Community
https://dev.to/railsstudent/dom-reading-and-writing-with-new-lifecycle-hooks-in-angular-4n7e
https://dev.to/railsstudent/dom-reading-and-writing-with-new-lifecycle-hooks-in-angular-4n7e
DEV Community
DOM reading and writing with new lifecycle hooks in Angular
Introduction In Angular 16, Angular has added two new lifecycle hooks, afterNextRender and...
Navigating the Nuances of toSignal in Angular: What to Know | by Netanel Basal | Nov, 2023 | Netanel Basal
https://netbasal.com/navigating-the-nuances-of-tosignal-in-angular-what-to-know-e4d6a4b5dfaf
https://netbasal.com/navigating-the-nuances-of-tosignal-in-angular-what-to-know-e4d6a4b5dfaf
Medium
Navigating the Nuances of toSignal in Angular: What to Know
Angular provides the toSignal function that transforms an observable to a signal. Upon examining various developers’ code, I’ve noticed a…