You have to know the basics of web security and how to take care of these issues in web development. A good way to start learning is to read OWASP Top 10 Most Critical Web Application Security Risks (https://www.owasp.org/index.php/Category:OWASP_Top_Ten_Project). Then you have to learn how to handle these issues with the frameworks you are using.