Category: Security

NestJS Security

API with NestJS #117. CORS – Cross-Origin Resource Sharing

This entry is part 117 of 175 in the API with NestJS

Cross-Origin Resource Sharing (CORS) is a mechanism for disallowing or allowing resources to be requested from another origin. It is built into web browsers and determines whether it is safe to allow a cross-origin request based on HTTP headers. In this article, we explain the CORS mechanism and use it with a NestJS application. What […]

Security

The Referer header and the importance of the Referrer-Policy

As web developers, we should care about the privacy of our users. This article explains what the Referer header is and what information it exposes. We also learn to use the Referrer-Policy to control how many details the referer header should include. We can increase privacy and deal with some potential security issues by doing […]

Security

The danger of iframe clickjacking and how to deal with it

When developing an application, we need to ensure that our users are safe from various attacks. Unfortunately, the web has a lot of mechanisms that can be abused. In this article, we explore the idea of iframes and underline the danger of clickjacking. We also learn how to deal with this problem using the X-Frame-Options […]