Wrapping Up
You’ve now seen several approaches that can be taken to make your web applications more secure. None of these are specific to htmx. But it’s extra important to consider them because htmx is all about fetching HTML from endpoints and inserting it into the DOM. That can be fertile ground for XSS attacks if preventing them isn’t considered.
For more details on making htmx-based web applications secure, see the excellent essay Web Security Basics (with htmx)[74] by Alexander Petros.
Next, you’ll learn some ways that an htmx-based web app can receive multiple updates over time without sending a request for each update.
Get Server-Driven Web Apps with htmx now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
