Application security without helper tools like Sails.js
Sails and Express provide built-in, highly customizable protection against most known types of web application layer attacks.
http://sailsjs.org/documentation/concepts/security
Does this mean using AngularJs, Express, MongoDB without Sails or similar helpers I need to manually handle these security scripts? And maybe when I don't know about them, my application might be vulnerable to some attacks?
source to share
This means using AngularJs, Express, MongoDB without sails or similar helpers Do I need to manually handle these security scripts?
Yes. Sails provide solutions, but you still need to use them. Configuration is necessary because security concerns differ from application to application. What sails gives you is the implementation of avoidance methods, i.e. All the main work. What you need to do is choose which of these methods are relevant to your application and how exactly you want to use them. This is usually as easy as setting a variable to true or false.
And maybe when I don't know about them, my application might be vulnerable to some attacks?
Sure. Every application / site is vulnerable. The question is almost rhetorical. Awareness is a basic requirement for prevention / prevention. Remember that no security is ever enough. But it doesn't hurt to use extra security if you get it for free. Moreover, there is very little work in setting up. Of course, this needs to be complemented by good programming.
Good luck!
source to share