February 22-24, 2023
Montreal, Canada

Rest in Peace, Cross-Site Scripting

For almost 25 years, cross-site scripting (XSS) has been one of the most common risks for web applications. Yet today, there are many ways to protect a web application from the attack: browser features, HTTP headers, and special APIs. This talk first discusses why XSS is dangerous at all and then covers countermeasures: Content Security Policy, the Trusted Types API, and protection in SPA frameworks. After this talk, there's (almost) no excuse to get XSS.

Christian Wenz

Arrabiata Solutions GmbH

Christian Wenz is an author, consultant and trainer focussing on web technologies and web application security. He has written or co-written over 100 books, has been a fixture at international developer conferences since 2001, and is the lead author of the Zend PHP certification. His day job at Arrabiata Solutions includes conducting security audits, migrating old code bases, implementing complex web applications and helping companies choose the right mix of web technologies.
