Single Page Application frameworks have brought us a boost in clean application architecture and also security, mainly because of better separation of concerns. But using a SPA framework alone does not automatically get you bullet-proof security. There is still a lot to look out for, and, for example, XSS is not a fully solved problem yet. In this talk, we’ll explore the most important security pitfalls SPA frameworks and how to solve them. We’ll also compare some of the security features of the most common SPA frameworks Angular, React, and Vue.js.