Fork me on GitHub

Towards a post-XSS world

Mike West(00:24:29) Binoculars Image

sourced from JSConfEU

RATE THIS


Cross-site scripting attacks are pervasive and dangerously exploitable threats to modern web applications, undermining the critical assumption that your app's code is actually under your control. But you know that already; you're likely playing whack-a-mole right now with one of the dozens of potential attack vectors your app exposes.

Happily, we're this close to eradicating XSS with some new tools like Content Security Policy. Come spend a half-hour of your life learning how you can stop worrying about maliciously injected script. You'll be glad you did!

Mike's "Intro to CSP" article: http://www.html5rocks.com/en/tutorials/security/content-security-policy/


COMMENT