form-security

What problem does it solve?

Web forms, especially those handling sensitive data, are frequent targets for security vulnerabilities like CSRF and XSS, and often fail to integrate with password managers, leading to poor user experience and weak passwords. This Skill provides essential patterns to build secure, compliant, and user-friendly forms, protecting both your users and your application.

Core Features & Use Cases

• Autocomplete Attributes: Guides on using correct autocomplete values for seamless integration with password managers, improving user experience and password strength.
• CSRF Protection: Implements token-based protection and SameSite cookies to prevent Cross-Site Request Forgery attacks, safeguarding against malicious requests.
• XSS Prevention: Provides patterns for input sanitization and output encoding to guard against Cross-Site Scripting vulnerabilities, preventing code injection.
• Secure Password Handling: Best practices for password fields, including allowing paste, visibility toggles, and never logging sensitive data, enhancing user security.
• Use Case: A developer is building a new login and registration system. This skill provides the essential patterns for autocomplete="current-password" and autocomplete="new-password", CSRF token implementation, and input sanitization to ensure the forms are secure and user-friendly, reducing security risks and development time.

Quick Start

Generate a secure React login form with email and password fields, ensuring correct autocomplete attributes, CSRF protection, and XSS prevention.