developing web sites with Javascript, json and HttpSelfHostServer

For some business web application in the future I would like to use this constellation :
- web site designed in in html/css/javascript/JQuery (Single Page)
- using https
- using stateless authentication
- get content/data (maybe sensitive) from web services (HttpSelfHostServer with Prepared SQL Statements) returning JSON to the Javascript site

I read much about web site security and I'm worried about the fact, if this is a secure combination.

Can you help me to get a recommendation ?
Is there a kind of trap I will fall into ?

Thanks for your evaluation (and the appropriate arguments).

Gerhard
GKiesslingAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Pravin AsarPrincipal Systems EngineerCommented:
Since you have not defined specific scope to this question, this is difficult to pinpoint actual solution.

But you an look at AngularJS, BootStrap, Node.JS, Express. Assuming you will have some sort of database at the backend, you may look at some NoSQL database (such as MongoDB).

If you want to do WebSites based on purely JavaScript, HTML and CSS,  MEAN stack could be way to go.
MEAN stands for

MongoDB
Express.JS
Angular.JS
Node.JS
ambienceCommented:
The "combination" has little to do with security, except, HTTPS which is for transport level security and for most cases the best that you can get. You can think of data security on top of HTTPS by making sure sensitive information is not leaked, through cookies or display data. Also, some well know attacks like SQL injection are taken care of by utilizing well-known patterns.

ASP MVC for example authenticates requests for potential threats.

To answer your question directly, this combination can be secure if you do it correctly. Conversely, any combination/stack can be insecure if you dont use it in a secure manner.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
GKiesslingAuthor Commented:
Thanks for the answer(s). They are quite "universal".
Some keywords for concrete circumstances I would have to pay attention for would have been nice.
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
JavaScript

From novice to tech pro — start learning today.