Overview
Discover how to fortify your website against common attacks in this 22-minute conference talk from JSConf Budapest 2017. Explore Content Security Policy (CSP), a powerful security mechanism that can make your site impervious to XSS and other vulnerabilities. Learn what CSP is, how it functions, and how to implement it effectively through real-life examples and live coding demonstrations. Delve into topics such as the Sony hack, frontend security, the MySpace virus incident, cross-site scripting, HTTP-only cookies, and the potential drawbacks of CSP. Gain valuable insights to enhance your web application's security posture and protect against prevalent threats in the digital landscape.
Syllabus
Introduction
Sony hack
Frontend security
Virus on MySpace
Crosssite scripting
HTTP only cookies
Content Security Policy
Content Security Policy downsides
Taught by
JSConf