Using a JavaScript CDN That Cannot XSS You - With Subresource Integrity

Overview

Explore the concept of Subresource Integrity in this 35-minute conference talk from AppSecEU 2015 in Amsterdam. Learn how to use a JavaScript Content Delivery Network (CDN) without risking cross-site scripting (XSS) attacks. Frederik Braun presents innovative techniques to enhance web application security by implementing integrity checks for external resources. Gain insights into protecting your web applications from potential vulnerabilities associated with third-party scripts and CDNs. Discover practical strategies for implementing Subresource Integrity to safeguard your users and maintain the integrity of your web content.

Syllabus

AppSec EU15 - Frederik Braun - Using A JavaScript CDN That Can Not XSS You - With Subresource Int...

Taught by

OWASP Foundation

Reviews

Start your review of Using a JavaScript CDN That Cannot XSS You - With Subresource Integrity

Taught by

OWASP Top 10: Protecting Against Threats and Vulnerabilities

Fixing XSS with Content Security Policy

Towards a Post-XSS World

ScriptProtect: Mitigating Unsafe Third-Party JavaScript Practices

No More XSS - Deploying CSP with Nonces and Strict-Dynamic

Making Content Security Policy Work For You

Never Stop Learning.