Greetings, dear developers!
I’d like to know how secure are pre-built/deployed web applications on the frontend side (is there protection against XSS, CSRF and other hacking threats) ? I am not strong in web development, but have been looking at potential threats that can be carried out in the frontend.
I am planning to create a web application where external users (need authorization) will post their content (text, code samples, files, etc). I.e. input fields, especially large text fields, rich text editor (for formatted HTML text) will be used.
Are there any built-in security features? And what could be the methods of additional protection? Can confidential user data, files be stolen? I would be glad to receive any hints and answers!