Explore a novel approach to combating Cross-Site Scripting (XSS) and similar web security threats in this conference talk from Hack in Paris. Delve into the use of ECMA Script 5 features to create a client-side Intrusion Detection/Prevention System (IDS/IPS) using JavaScript. Learn how to seal important DOM properties, preventing attackers from reading and modifying sensitive data in a tamper-resistant manner. Discover the potential future of XSS mitigation and eradication through the implementation of these techniques in modern browsers like Chrome 8 and Firefox 4. Gain insights into this lightweight yet effective method of enhancing web security without requiring special execution privileges.
Locking the Throne Room - ECMA Script 5, a Frozen DOM and the Eradication of XSS
Hack in Paris via YouTube
Overview
Syllabus
2of12 Mario Heiderich Locking the Throne Room ECMA Script 5,a frozen DOM and the eradication of XSS
Taught by
Hack in Paris