Explore a 20-minute conference talk from USENIX Enigma 2016 that delves into the challenges of Cross-Site Scripting (XSS) filtering in modern web applications. Learn about the limitations of server-side and browser-side XSS filters, and discover why DOM-based sanitation is crucial for applications working offline, using encryption, or communicating peer-to-peer. Understand the technical challenges posed by DOM Clobbering attacks and their impact on XSS filters. Gain insights into a two-part solution that addresses these issues, including a methodology to defend against DOM Clobbering and an efficient JavaScript-based XSS filter implementation. Examine the proof-of-concept tool DOMPurify and its potential applications in various browser environments.
Overview
Syllabus
USENIX Enigma 2016 - ToStaticHTML for Everyone! About DOMPurify, ...
Taught by
USENIX Enigma Conference
Related Courses
-
*UPDATED* DOM 2023 Build Dynamic Websites JavaScript Part 1
-
Why Is Usable Security Hard, and What Should We Do About It?
-
Foundations of Web Development: CSS, Bootstrap, JS, React
-
Client-Side Protection Against DOM-Based XSS Done Right
-
JavaScript: The Complete Course for Web Development Mastery
-
Complete JavaScript Projects Course Games 55 Modern JS DOM
