7 Common Front End security attacks

Mrinalini Sugosh (Mrina) on January 04, 2024

As web applications become increasingly critical for business operations, they’re also more attractive targets for cyber attacks. Unfortunately th...

Random, @random_ti

Insightful overview! Your clear explanations make it easier for developers to understand and address front-end security challenges effectively.

Thanks for sharing💖

Mrinalini Sugosh (Mrina), @mrinasugosh

@random_ti Glad it was effective!

the_aceix, @aceix

Very nice article. Some examples would really help understand.

Mrinalini Sugosh (Mrina), @mrinasugosh

@aceix I plan on diving into more detail! Will ping you when I publish some examples of the attack and defense as well.

Mrinalini Sugosh (Mrina), @mrinasugosh • Edited

@aceix I just published an article that's a bit more of a deep dive on the first attack, XSS

Chidera Humphrey, @chideracode

Thanks for sharing this insightful piece.

Mrinalini Sugosh (Mrina), @mrinasugosh

@chideracode Glad it was helpful!

Kratarth, @kk_786

Great! Also it would've been better if defensive measures were included. But thanks for the knowledge.

Mrinalini Sugosh (Mrina), @mrinasugosh

@kk_786 Plan on posting more articles with examples!

Mrinalini Sugosh (Mrina), @mrinasugosh

@kk_786 Just published an article that's a bit more of a deep dive on the first type of common attack, XSS

TimoCodes, @timocodes

Nice article. The CSRF link is missing an "f" from the end and goes to a 404.

Mrinalini Sugosh (Mrina), @mrinasugosh

@timocodes Good catch! Thank you, just fixed it.

Javed Ansari, @javed74

Nice article and explanation. As others commented, more examples and countermeasures are missing. Do let me know when you post with more details.

Mrinalini Sugosh (Mrina), @mrinasugosh

@javed74 Just published an article that's a bit more of a deep dive on the first type of common attack, XSS

Billal BEGUERADJ, @begueradj

Several flaws in this article.
For example, MITM attacks do not fall into the frontend attacks.

Mrinalini Sugosh (Mrina), @mrinasugosh

@begueradj Thanks for pointing this out. Man-in-the-Middle (MITM) attacks are also considered front-end security attacks because they typically target the communication between a user (the client) and the server. In front-end security, the focus is on protecting data as it's transferred from the user's device to the server, which is where MITM attacks come into play. Here are a few ways it fits into the front-end security paradigm:

  1. User Interaction
  2. Data Interception
  3. Session Hijacking
  4. SSL Stripping
  5. Relevance to Front-End Security Measures

While I do agree that MITM attacks affect the data transmission between client and server (which to many can be considered the 'back end' of a system), it's essential to understand that security requires both strong front-end and back-end measures against a wide range of vulnerabilities, including MITM, which is a very common vulnerability.

Eric Hamacher, @badgerduke

Very good! Thank you!