• Avoid injecting dynamic Html content
  • Sanitize external HTML
  • Do not put external URLs in the application
  • Use AOT compilation
  • Prevent XSRF attack by restricting api
BY Best Interview Question ON 13 May 2020