Secure Coding with YUI

A session at YUIConf 2012

Thursday 15th November, 2012

2:00pm to 2:50pm (PST)

In this largely demo oriented talk, we will present both common and not so common security issues arising out of unsafe YUI coding. We will analyze real world vulnerable examples. Followed with code examples, on the right way to secure those with YUI. We will also focus on good security patterns that can eliminate a number of frontend vulnerabilities we see today, for instance, the effectiveness of auto escaping templating engines in defending against various cases of XSS, a.k.a Cross Site Scripting.

Speaker Bio:

Bishan is a web security engineer at Yahoo. He is a frequent speaker at International security and developer conferences. Amongst others, he has spoken at NullCon, c0c0n, Great Indian Developer Summit, OSI, Security Byte and ClubHack. At Yahoo, he helps engineers develop secure and defensible web apps. Both Albert and Bishan have contributed towards making YUI secure in its 3.5.0 release, and have also reported security issues on examples at YUI website.

About the speaker

This person is speaking at this event.

Next session in Secondary Room

3pm Security Testing of YUI Powered Applications by Albert Kin-Ying Yu and Dmitri Savintsev

Sign in to add slides, notes or videos to this session

Tell your friends!


Time 2:00pm2:50pm PST

Date Thu 15th November 2012


Secondary Room, Santa Clara Marriott Hotel

Short URL


Official event site


View the schedule



See something wrong?

Report an issue with this session