Wednesday 14th November, 2012
12:00pm to 1:00pm
HTML5 has changed the way we build and deploy code on the web, moving much of an application's logic from the server down to a user's browser, caching data locally via storage APIs, and delivering exciting experiences without touching the network. This has excellent effects on both speed and availability, but makes it more critical than ever to practice what we preach in terms of security best practices. This talk will outline some of the ways in which you can mitigate the effects of cross-site scripting and other attacks, ranging all the way from practical use of Content Security Policy to properly sandboxing user-generated content.
Making the web marginally less insecure, one deprecation at a time. I work on Chrome's security team, but my tweets are my own, etc, etc. bio from Twitter
Sign in to add slides, notes or videos to this session