Open amdw opened 3 years ago
There are some interesting suggestions in the Angular security docs about things that can be done on the server side to mitigate against security issues:
https://angular.io/guide/security#content-security-policy https://angular.io/guide/security#enforcing-trusted-types
It's worth considering these for PeopleMath, e.g. adding guidance to documentation on how to configure App Engine to emit the appropriate headers.
There are some interesting suggestions in the Angular security docs about things that can be done on the server side to mitigate against security issues:
https://angular.io/guide/security#content-security-policy https://angular.io/guide/security#enforcing-trusted-types
It's worth considering these for PeopleMath, e.g. adding guidance to documentation on how to configure App Engine to emit the appropriate headers.