How do I secure this Spring Boot + Thymeleaf + Vue.js app?

Bruno Drugowick - Feb 12 '20 - - Dev Community

I have this app:

brunodrugowick

Complete CRUD with Spring Boot, Vue.js, Axios

Bruno Drugowick ・ Feb 9 '20 ・ 4 min read

#java #vue #axios #spring

And I'm wondering how do I properly secure it? The app has:

  • Server-rendered pages with Thymeleaf.
  • An API providing data for the pages.

What's the proper way to secure and its underlying limitations considering this architecture?

Some questions that pop on my mind, to help you understand why I'm asking:

  • Can I go with Spring Security defaults (adding csrf token on my forms that POST/PUT with Vue.js)?
  • How do I integrate this with my DELETE via API, for example?
  • Should I disable csrf?
  • Does this architecture makes sense? What are the caveats?

...

Cover image from Christoph Scholz.

Image
Mastering Roku App Testing: A Comprehensive Developer's Guide

rokuapptesting, apptesting, smarttvtesting, applicationtesting
Image
Boost Your Income by Guest Posting

webdev, beginners, productivity, opensource
Image
A detailed guide to create an AI Shopify App - Step by Step

shopify, ai, webdev, shopifast
Image
How to Budget for a Home Extension Loan - Expert Tips

homeextensionloans, loans, homeloans
Image
Aplikasi Sewa Mobil Indonesia Untuk Travel yang Lebih Murah!
Image
What Is Binomo?

binomo, login, trading, indonesia
Image
I build a website for comic translate using ai
Image
#36 — Match The First Part of The Cell Value

productivity, tutorial, programming, beginners
Image
Unlock the Secrets of Computer Systems with Carnegie-Mellon's ICS Course! 🖥️

getvm, universitycourses, programming, tutorial
Image
How to Dockerize a React Application

docker, react, javascript, webdev
Image
🤖 100 Days of Generative AI - Day 4 - The rise and rise of transformers🤖

gpt3, ai, nlp, neural
Image
Secure Your World | Pro Locksmith Connection's Comprehensive Services
Image
Tailwind CSS: Responsive Utilities

css, sass, tailwindcss, scss
Image
How to Select Accessories to Complement Your Lederhosen Men and German Outfit
Image
Why firebase instead of other databases?

firebase, dev, devops, discuss
Image
React SSR by express and vite

node, react, webdev, frontend
Image
Injee - The no configuration instant database for frontend developers.

webdev, javascript, react, vue
Image
Understanding Database Views: Usage, Benefits, and Considerations

database, sql, mysql, views
Image
Method Syntax

learning, rust, codenewbie
. . . . . . . . . . . . . . . . . . . .
Terabox Video Player