Class Central Classrooms beta
YouTube videos curated by Class Central.
Classroom Contents
XSS Mitigation - The State of the Art
- 1 Intro
- 2 Main XSS variants
- 3 Web security model: Same Origin Policy, 1995
- 4 Juicy targets: Electron apps
- 5 Most common bypasses
- 6 Disable JavaScript
- 7 Trusted Types
- 8 Cookies security
- 9 The future of browser defenses
- 10 Server Side Rendering options
- 11 Auto Content Security Policy for Server Side Rendering
- 12 Templating engines-level mitigations
- 13 Static Application Security Testing (SAST)
- 14 Existing standards mitigations overview (aka security headers soup)
- 15 The future of server side mitigations
- 16 Battlecards: XSS threat model
- 17 Frameworks and associated risks
- 18 Supply chain security: XSS-specific risks. Remote dependencies can be tampered with
- 19 XSS defense in depth