Thursday 15th November, 2012
2:00pm to 2:50pm
In this largely demo oriented talk, we will present both common and not so common security issues arising out of unsafe YUI coding. We will analyze real world vulnerable examples. Followed with code examples, on the right way to secure those with YUI. We will also focus on good security patterns that can eliminate a number of frontend vulnerabilities we see today, for instance, the effectiveness of auto escaping templating engines in defending against various cases of XSS, a.k.a Cross Site Scripting.
Bishan is a web security engineer at Yahoo. He is a frequent speaker at International security and developer conferences. Amongst others, he has spoken at NullCon, c0c0n, Great Indian Developer Summit, OSI, Security Byte and ClubHack. At Yahoo, he helps engineers develop secure and defensible web apps. Both Albert and Bishan have contributed towards making YUI secure in its 3.5.0 release, and have also reported security issues on examples at YUI website.
Sign in to add slides, notes or videos to this session