New: We've launched a brand new Coding Challenges section! Check out these interactive, real-world exercises to level up your skills.Explore Challenges
FrontendPrep
Topic Directory

Web Security Questions

Master your Web Security fundamentals, advanced mechanics, and ace your frontend interview challenges.

Web Security Stats
9questions loaded
2 Easy5 Medium2 Hard
Show
Sort

Showing 9 of 9 questions

Web Security
Medium

Web Security: Authentication, JWTs, and Session Management

Compare JWTs vs. Session Cookies for authentication. Learn about secure token storage, CSRF risks, token revocation, XSS vectors, and cookie flags (HttpOnly, Secure, SameSite).

SecurityAuthenticationJWT
9 min read
View
Web Security
Easy

Web Security: Clickjacking and Frame Busting Mitigation

Understand clickjacking attacks and how to defend against them. Learn about X-Frame-Options headers, Content Security Policy frame-ancestors, and framing sandboxes.

SecurityClickjackingWeb Security
6 min read
View
Web Security
Hard

Web Security: Content Security Policy (CSP) in Depth

Master Content Security Policy (CSP). Learn how to declare strict CSP directives, use nonces and hashes, restrict object/script sources, and set up violation report logging.

SecurityContent Security PolicyWeb Security
9 min read
View
Web Security
Medium

Understanding CORS and Content Security Policy (CSP)

Master network and document security. Learn how Cross-Origin Resource Sharing (CORS) handles preflight requests, and how Content Security Policy (CSP) mitigates script injections.

SecurityCORSCSP+1
6 min read
View
Web Security
Medium

Web Security: CORS Mechanics and Configuration Errors

Master the mechanics of Cross-Origin Resource Sharing (CORS). Learn about preflight OPTIONS requests, simple vs credentialed requests, access control headers, and common misconfigurations.

SecurityCORSWeb Security
8 min read
View
Web Security
Medium

Web Security: CORS Preflight Requests (OPTIONS)

Learn what triggers a CORS preflight request (OPTIONS), how it affects web performance, and how to optimize it.

Web SecurityCORSAPI+1
6 min read
View
Web Security
Medium

Web Security: Token Storage (Cookies vs LocalStorage)

Learn where to securely store JWTs and authentication tokens in web applications, comparing LocalStorage, SessionStorage, and secure Cookies.

Web SecurityAuthenticationCookies+1
6 min read
View
Web Security
Easy

Web Security: SQL Injection (SQLi) and Parameterized Queries

Learn how SQL Injection vulnerabilities occur and how to prevent them. Understand parameterized queries, input sanitization, ORM integration, and database least privilege principles.

SecurityDatabaseSQL Injection
7 min read
View
Web Security
Hard

Mitigating XSS and CSRF in Web Applications

Master client-side web security. Learn how Cross-Site Scripting (XSS) and Cross-Site Request Forgery (CSRF) work, how they differ, and complete mitigation strategies.

SecurityCookiesXSS+1
6 min read
View