Christian Wenz
Christian Wenz is an author, consultant and trainer focussing on web technologies and web application security. He wrote or co-wrote over 100 books, is a fixture at international developer conferences since 2001, and is the lead author of the Zend PHP certification. His day job at Arrabiata Solutions includes conducting security audits, migrating old code bases, implementing complex web applications and helping companies choose the right mix of web technologies.
Sessions Montréal 2024
How to mess up JWT's - a practitioner's guide
Session en anglais - Intermédiaire
JSON Web Tokens are everywhere - you are using a bunch of them right now. It's such a common technology, yet, it's very easy to get them wrong. In this session, we get to the nitty gritty of JWT's - what they are, how they work, and how to make sure that we haven't made an app that just waits to be hacked.
Single Page Applications vs. Cross-Site Scripting
Session en anglais - Intermédiaire
Cross-Site Scripting (XSS) is still one of the most common vulnerabilities in web applications, despite well-known and effective countermeasures. Often neglected however are XSS issues when using a Single-Page Application (SPA) framework like Angular, React, or Vue.js. We will have a look at those systems, analyze the attack surface, and look for both specific weaknesses and specific countermeasures. A must-see session if you are using SPAs.
Top ASP.NET Core 8 & Blazor 8 Features
Session en anglais - Intermédiaire
By the time of the conference, .NET 8 will have been released. Just like each even version, the new release will be under a 3 year long term support, so many applications are expected to be upgraded. The presenter has worked with .NET 8 since the first pre-release version, with mostly joy, and sometimes minor frustration. In this session, we will take a look at the top new features: what has been missing for a long time and is now available.
