Security and Privacy Hub
Use this hub when
- a route handles account, billing, health, finance, or identity data
- third-party scripts, analytics, attribution, or replay are introduced
- raw HTML, user-generated content, or generated UI is rendered
- auth/session behavior changes
- browser storage contains sensitive data
Reading path
| Step | Read |
|---|---|
| Foundation | part-0/security-for-frontend-engineers, part-viii/browser-attack-surface-architecture |
| Browser controls | part-viii/security-architecture-csp-trusted-types, part-viii/auth-session-browser-architecture |
| Privacy | part-viii/privacy-measurement-attribution-architecture, part-viii/compliance-privacy-auditability |
| Review | review-packets/client-side-security-privacy-review-packet, review-packets/security-reliability-review-packet |
| Examples | part-xii/completed-examples/completed-client-side-security-privacy-review, part-xii/completed-examples/completed-third-party-script-register |
| Capstone | capstones/capstone-secure-reliable-account-portal, capstones/solution-packs/capstone-solution-pack-secure-account-portal |
Artifacts to produce
- browser threat model
- sensitive data-flow map
- third-party script register
- CSP rollout plan
- storage and retention decision
- incident runbook
Review prompts
- What attacker-controlled input reaches browser sinks?
- What sensitive data reaches HTML, JS, URLs, storage, logs, analytics, or replay?
- Which third parties run, and who can disable them?
- Which controls are server-enforced rather than UI-only?
Source lens
Use OWASP client-side risk guidance, MDN browser security/privacy documentation, and the guide's Part VIII chapters for architecture controls.