AngularJS is a JavaScript framework for developing the client side of single page web applications. Use this tag for all versions of the framework.
Questions tagged [angularjs]
41 questions
109
votes
4 answers
Do I need CSRF token if I'm using Bearer JWT?
Context: Angular site is hosted on S3 behind CloudFront, separate from Express server that is used as API and almost all requests are XMLHttpRequests. All requests are sent without cookies (withCredentials = false by default) and I use JWT Bearer…
Igor Pomogai
- 1,193
- 2
- 8
- 7
17
votes
1 answer
Vulnerability in popular Javascript Framework (Angularjs)
I found a bug that allows you to escape the AngularJS template sandbox. Angular is a mustache based template language. It allows you to put expressions that are evaluated in your html. For example, {{1+1}} renders at 2
The sandbox makes it so users…
ialexander
- 311
- 2
- 9
12
votes
2 answers
How to pentest an AngularJS based SPA (Single Page Application)
I am trying to Pentest an application which is built in AngularJS. The difficulties that I am facing:
Burp Suite's "spider this host" option is not able to crawl all the urls as most of the requests are AJAX and Angular based.
When I am trying…
Jassi
- 399
- 1
- 2
- 7
4
votes
1 answer
Mitigation for Insecure Deserialization
I'm trying to look for some way for mitigation of insecure deserialization vulnerability for the application front-end
Then I found this link
https://blog.jscrambler.com/exploring-the-owasp-top-10-by-exploiting-vulnerable-node-applications
I saw…
aj go
4
votes
0 answers
What are commonly used security practices when writing a hybrid mobile app with a framework like ionic 2?
I'm new to hybrid app development and web development in general. Are there common coding practices/techniques I can use to ensure that I write code which does not put the end user at risk of malicious software exploiting my app to cause harm?
How…
ThisIsNotAnId
- 141
- 3
3
votes
2 answers
Angular application for PCI-DSS certification
I want to design Angular 6 application for PCI-DSS compliance. Is it a good idea to use it having in mind that this is a client-side application with a server back-end? Do you know if there any company which already uses it for applications with…
Peter Penzov
- 131
- 2
3
votes
2 answers
Use javascript variable instead of session cookie
I have decided to plunge deep into Angular-like technologies, where all pages are practically just one page that gets never reloaded. And at this point I had the idea, instead of using cookies (which I don't really need), why not authenticate with…
Panayotis
- 133
- 4
3
votes
1 answer
CSRF tokens for a JWT-auth system using cookies
I think I have this sorted, but would love to hear if I'm wrong. We have a Python+Angular.js set of apps, which are using JWT tokens for authentication, where the tokens are encrypted using a secret key, the payload identifies the user, and the…
Iain Duncan
- 382
- 2
- 12
3
votes
1 answer
What is best way to pentest an AngularJS web app with a REST backend?
Traditionall webapps are often pentested by vulnerability scanners like Burp Suite, OWASP ZAP or with the other gazillion tools included in Kali.
But what is the best way to pentest automatically a JavaScript web-app (AngularJS) with a REST…
hofbrau
- 41
- 1
- 2
3
votes
8 answers
How to avoid reveal password in a form?
I've recently discover that if you use inspect element to see the source code of the Html, you can change this to then you can see the password revealed, So, how can I avoid that in angularJS? or pure…
napstercake
- 195
- 1
- 1
- 4
2
votes
2 answers
Cookie-to-header token CSRF protection - is it necessary to verify cookie value?
I'm testing Angular application which uses Cookie-to-header token CSRF protection. According to Angular documentation https://angular.io/guide/http#security-xsrf-protection:
When performing HTTP requests, an interceptor reads a token from a
cookie,…
user187205
- 1,163
- 3
- 15
- 24
2
votes
1 answer
I discovered a Client Side Template Injection (CSTI), and after?
As part of a bounty bug, I discovered a Client Side Template Injection (CSTI). I would like to create more "impressive" payload to increase the risk of the vulnerability. The framework affected is AngularJS.
Theses payload…
Anonyme
- 274
- 2
- 8
2
votes
0 answers
Protecting frontend code for SPA + Restful API with OIDC
I've got an Angular 1 SPA with a Restful API that I'd like to restrict access to. As I understand, typically the OIDC Implicit flow is designed just for this. However, I consider the frontend SPA code sensitive as well and would like to restrict…
hhp
- 21
- 2
2
votes
1 answer
AngularJS Sanitize function vs. server-side output encoding
I mainly audit web applications and provide the companies with security countermeasures and recommendations. Currently, I have an issue with giving a correct recommendation when it comes to AngularJS Sanitize function against XSS protection. I have…
sgres
- 129
- 2
- 8
2
votes
1 answer
Is there any point in using 'strict-dynamic' in an AngularJS 1.x application?
I do not see the point in using CSP 3's new strict-dynamic in the case of an AngularJS 1.x application.
As far as I can tell, using strict-dynamic still allows arbitrary Javascript injection via a sandbox escape in a template:
…
Jean Hominal
- 186
- 7