This list seems somewhat inactive, which I find a bit surprising, but I am
very interested in one particular aspect of security when I build Clojure
apps.
Right now my interest is in building REST web services and web applications
backed by a relational database with something like Angular or
First note that Im not a security expert so take my advice with a grain of
salt,
There are couple of middlewares that are worth checking out (in addition to
friend):
* https://github.com/weavejester/ring-anti-forgery
* https://github.com/myfreeweb/ring-ratelimit
Regarding SQL injection
Some recent discussions related to my development of Friend have prompted me to
create a new group:
https://groups.google.com/group/clojure-sec
Dedicated to discussing security issues affecting those building applications
with Clojure and its variants.
I'm sure many of us are building
Neat!
I realize this isn't exclusively web-oriented, but given Friend, I expect
that will dominate. So, I give you OWASP:
https://www.owasp.org/index.php/Main_Page
There is a lot of documented and codified experience in OWASP that may be
fruitfully extracted and hopefully contributed back