Protecting your JavaScript APIs

Visit the original version of this article on Medium.

Here's an excerpt from an article I've published over at the Intrinsic blog:

When writing JavaScript libraries developers generally consider the user of the library to be well intentioned. Though they may add runtime checks (e.g., “the third argument is expected to be a string”) to APIs to prevent misuse, most libraries are not designed to interact with malicious code. But suppose your users were malicious. What does it take to make a JavaScript library robust against a malicious environment?

The article contains several different situations in which a malicious party is able to fool a JavaScript library into performing unintended actions. Do you have what it takes to lock down your libraries from such attacks?

Thomas Hunter II Avatar

Thomas is the author of Advanced Microservices and is a prolific public speaker with a passion for reducing complex problems into simple language and diagrams. His career includes working at Fortune 50's in the Midwest, co-founding a successful startup, and everything in between.