April 17th, 2017, 12:59 PM
security on front side of web application
First step must be to force HTTPS i guess and to use a session to store not sensible data.
Is it correct ?
April 17th, 2017, 05:09 PM
HTTPS is a protocol using a SSL/TLS encryption through a certificate key, which you configure at the web-server. The client then use that protocol to get the encryption.
Generally, the client can't be trusted, which means any data you receive has to be validated.
Question is what kind of security you are looking for?
You can see a Top 10 list here of possible exploits: