Mike West: Towards a post-XSS world. — JSConf EU 2013
https://www.ispeech.org
Slides: https://speakerdeck.com/mikewest/towards-a-post-xss-world-jsconf-eu-2013
Cross-site scripting attacks are pervasive and dangerously exploitable threats to modern web applications, undermining the critical assumption that your app's code is actually under your control. But you know that already; you're likely playing whack-a-mole right now with one of the dozens of potential attack vectors your app exposes.
Happily, we're this close to eradicating XSS with some new tools like Content Security Policy. Come spend a half-hour of your life learning how you can stop worrying about maliciously injected script. You'll be glad you did!
Mike's "Intro to CSP" article: http://www.html5rocks.com/en/tutorials/security/content-security-policy/
Source: http://2013.jsconf.eu/speakers/mike-west-towards-a-postxss-world.html
License: For reuse of this video under a more permissive license please get in touch with us. The speakers retain the copyright for their performances.
2013-10-21 15:47:11
source
Gloss