Dive into the world of Single Page Application (SPA) security in this comprehensive conference talk. Explore the profound impact of SPAs with RESTful backends on web application development and the challenges they present to traditional security mechanisms. Discover how to effectively counter Cross-site Scripting (XSS) vulnerabilities in SPAs, implement Content Security Policy (CSP), manage sessions with RESTful APIs, and defend against Cross-site Request Forgery (CSRF) attacks. Gain valuable insights into building secure applications, with practical examples primarily focused on AngularJS, though the principles apply to all SPA frameworks. Equip yourself with the knowledge to navigate the evolving landscape of web application security and protect your single page applications effectively.