Nikhil Sharma nikhilsharma26500

## security-checklist.md

      
              1 file
            
          
              19 forks
            
          
                4 comments
              
            
              101 stars
            
          
                mattppal
                / security-checklist.md
            
            
              Last active
              October 20, 2025 13:43
            
              
                A simple security checklist for your vibe coded apps
              
          
    Frontend Security


Security Measure
Description


☐
Use HTTPS everywhere
Prevents basic eavesdropping and man-in-the-middle attacks


☐
Input validation and sanitization
Prevents XSS attacks by validating all user inputs


☐
Don't store sensitive data in the browser
No secrets in localStorage or client-side code


☐
CSRF protection
Implement anti-CSRF tokens for forms and state-changing requests


☐
Never expose API keys in frontend
API credentials should always remain server-side
	Security Measure	Description
☐	Use HTTPS everywhere	Prevents basic eavesdropping and man-in-the-middle attacks
☐	Input validation and sanitization	Prevents XSS attacks by validating all user inputs
☐	Don't store sensitive data in the browser	No secrets in localStorage or client-side code
☐	CSRF protection	Implement anti-CSRF tokens for forms and state-changing requests
☐	Never expose API keys in frontend	API credentials should always remain server-side