Nuxt Security
XSS protection, CSRF tokens, Content Security Policy, rate limiting, input sanitization, security headers
1What is the Nuxt Security module?
What is the Nuxt Security module?
คำตอบ
Nuxt Security is an official module that automatically configures a Nuxt 3 application to follow OWASP security patterns using HTTP Headers and Middlewares. It includes features like CSP (Content Security Policy), rate limiting, XSS validation, CSRF protection and security headers configuration. The module applies secure defaults while allowing granular per-route customization via routeRules.
2What is the default CSP directive for script-src in Nuxt Security?
What is the default CSP directive for script-src in Nuxt Security?
คำตอบ
The default script-src directive uses 'self' (same-origin scripts), https: (HTTPS scripts), 'unsafe-inline' (inline scripts), 'strict-dynamic' (dynamic script authorization), and 'nonce-{{nonce}}' (nonce for inline scripts in SSR). This combination balances security and compatibility, though 'strict-dynamic' is recommended for strict security in production.
3What is a nonce in the context of Content Security Policy?
What is a nonce in the context of Content Security Policy?
คำตอบ
A nonce (number used once) is a unique random token generated server-side for each request and included in both the CSP header and inline script tags. It allows only inline scripts that have this specific nonce, blocking XSS-injected scripts that wouldn't have the correct nonce. In Nuxt Security, nonce is enabled by default in SSR with security.nonce: true and the placeholder 'nonce-{{nonce}}' in script-src.
Which HTTP header protects against clickjacking attacks?
What is the difference between SSR and SSG for Content Security Policy in Nuxt Security?
+17 คำถามสัมภาษณ์
หัวข้อสัมภาษณ์ Vue.js / Nuxt.js อื่นๆ
JavaScript Fundamentals
Modern JavaScript (ES6+)
Vue Basics
Vue Components
Vue Router
Pinia State Management
Vuex (Legacy)
Composition API
Vue Reactivity
Nuxt Fundamentals
Nuxt Data Fetching
Nuxt SSR & SSG
Nuxt Server Routes
Nuxt Modules
Vue Composables
Vue Forms & Validation
Nuxt State Management
Vue Testing
Nuxt Deployment & CI/CD
Vue Performance
Vue Advanced Patterns
TypeScript with Vue
Nuxt Authentication
SEO with Nuxt
Nuxt Internationalization
Vue Architecture
Vue Ecosystem
Migration Vue 2→3 & Nuxt 2→3
เชี่ยวชาญ Vue.js / Nuxt.js สำหรับการสัมภาษณ์ครั้งถัดไป
เข้าถึงคำถามทั้งหมด flashcards แบบทดสอบเทคนิค แบบฝึกหัด code review และตัวจำลองสัมภาษณ์
เริ่มใช้ฟรี