Ask HN: How do you test the security of your front-ends?

1 points by kevinSuttle ↗ HN
Looking for experience from the field in hardening web front-ends, specifically with custom API servers, and AWS infrastructure, to prevent tampering and DDOS.

3 comments

[ 1.9 ms ] story [ 16.4 ms ] thread
Front-end means different things in different contexts. What do you mean exactly? Static JS code? Some web heads?
Static web files would be a good start. JS/CSS/HTML.
There's a lot of great content out there. Start here: https://www.owasp.org/

tl;dr Don't trust anything that a web browser (or any client app) sends your servers. Treat data as actively hostile. Use high quality open source projects where you can because they've done all the hard learning for you.