issues
search
TheIronYard--Orlando
/
FEE--2015--SPRING
Class projects for the Front-End Engineering cohort of @TheIronYard--Orlando for Spring 2015
Creative Commons Zero v1.0 Universal
13
stars
7
forks
source link
Assignment 25: Build Me Something Beautiful
#304
Closed
al-the-x
closed
9 years ago
al-the-x
commented
9 years ago
[x]
Homework Review
(3 things)
[X] API Gymnastics: Avg Commits per Day
[x] Chessboard: displaying data
[x] Chessboard: move pieces
[ ]
Retrospective
What did we do well? What should we continue?
What should we improve? What should we stop?
Did we meet our goals and why?
[ ]
Authentication vs Authorization
Who are you? How do I know?
Are you allowed to perform an action?
What actions are you allowed to perform?
User / Action / Resource
[ ]
Authentication
Credentials: Username & Password
HTTP Basic / Digest
Form-based authentication
Credentials: Unsigned Token
via HTTP query string param
via HTTP header
via HTTP cookie value
http-only
Credentials: Signed with Pre-Shared Key (PSK)
signed via SSL/TLS
signed via OAuth 1.0A
[ ]
Authorization
Permissions: CRUD vs BREAD
Example: Unix read-write-execute
Example: Github Issues vs Commits
Permissions: Explicit vs Implicit
Permissions: Liberal vs Conservative
Permissions: Inheritance
[ ]
Security Considerations
Same-Origin Security Policy
Cross-Origin Resource Sharing
JSONP (A Creative Hack)
Server-Side Proxy
http-only