Sicherheit
Web Security
Browser-facing and cross-cutting web security skill for production applications.
Covers: CSRF, XSS, CSP, cookie security, CORS, session management, authentication,
JWT security, OAuth 2.1, SSRF, security headers, input validation, dependency scanning,
and OWASP API Security Top 10.
Use when: implementing auth, reviewing security posture, configuring CORS/CSP/cookies,
or hardening endpoints against browser-based attacks.
Sources: OWASP cheat sheets, Google BeyondCorp, Stripe, Cloudflare, Mozilla, Auth0, RFC 9700.