Oracle JET applications support all common web application security standards and best practices, including the Open Web Application Security Project (OWASP), the Web Application Security Project (WASP), and the Web Application Security Working Group (WASWG). In addition to this, the Oracle JET framework provides authorization for user-specific data access with the oj.OAuth
plugin.
The Oracle JET framework has also developed secure coding standards that mitigate security threats, including:
- Strict mode of execution for all JavaScript components
- No inline script elements are adopted for framework components
- No random number generation logic is employed
The Oracle JET motivates us to include mechanisms for sanitizing strings via established guidelines for dealing with XSS attacks in our own code and content.
Oracle JET framework offers the oj.OAuth
plugin, which supports the OAuth 2.0 standards. It is a standard mechanism to provide access to users without having to...