We have a bunch of general web security stuff at https://developer.mozilla.org/en-US/docs/Web/Security.
And some more specific server-side considerations at https://developer.mozilla.org/en-US/docs/Learn/Server-side/First_steps/Website_security
I’m assuming you are talking about more beginner’s content? I think the reason we haven’t looked at this in earnest is that it is hard to think about what content would most benefit beginners.
Through the learning area, all the content is written with explicit best practies in mind for security, for example not recommending eval()
, and using textContent
rather than innerHTML
.
But I’d be interested in hearing your thoughts about what we could add specifically WRT to security.