Description
Checks
- This is not a duplicate of an existing issue (please have a look through our open issues list to make sure)
- I have thoroughly read and understand The Odin Project Contributing Guide
- Would you like to work on this issue?
Describe your suggestion
My Suggestion:
Add a dedicated "Web Security" (or similar) category with 3-4 concise lessons to, for example, NodeJS. This section would introduce new web developers (students) to the most critical security topics, risks, and practices they need to know when building and later maintaining web applications.
Why?
Security is absolutely essential for every developer/SWE, but the TOP curriculum currently only covers security topics sporadically. Having a focused section will perhaps:
- Raise awareness about the most common vulnerabilities and attacks (XSS, SQL Injections, CSRF, and also Social Engineering).
- Show practical prevention strategies and secure coding habits.
- Help students adopt a security mindset, benefiting them throughout their learning and in future job roles.
Proposed Outline:
- Lesson 1: What is Web Security (Why it matters, types of threats, etc.)
- Lesson 2: Most common vulnerabilities (code samples, XSS, SQL Injections, CSRF)
- Lesson 3: Social Engineering & Human Risks (Phishing, passwords, real stories)
- Lesson 4: Secure Practices (validating, sanitizing input, HTTPS, secrets, dependency safety)
Each lesson would be concise and perhaps include code snippets and real-world examples.
This section, I believe, will better prepare students for real-world development, but also help them during technical interviews, and contribute to a safer web overall.
I am very happy to help draft these lessons or collaborate on the content.
Path
Node / JS
Lesson Url
https://www.theodinproject.com/lessons/(web-security, common-vulnerabilities, social-engineering, secure-practices))
(Optional) Discord Name
opexx.
(Optional) Additional Comments
No response