Securing your socket apps

A session at The Realtime Conference Europe

Tuesday 23rd April, 2013

4:25pm to 4:50pm (PMT)

Although people have been hacking messaging systems on top of HTTP for years, it's only since the arrival of WebSockets and EventSource that the idea has become mainstream. As ever, new web technology means new attack vectors that developers must be aware of.

By adding realtime messaging to a web app, you are opening your site up to a host of potential security problems, including CSRF and XSS. While working on the pub/sub framework Faye, I've tried to make it easy to keep your application secure but you still need some knowledge to apply the available tools correctly.

In this talk, I'll discuss the security problems with socket-based applications and explain what you can do to avoid these pitfalls, whatever socket library you're using.

About the speaker

This person is speaking at this event.
James Coglan

Coverage of this session

Sign in to add slides, notes or videos to this session

Tell your friends!

When

Time 4:25pm4:50pm PMT

Date Tue 23rd April 2013

Short URL

lanyrd.com/scfbqr

Official event site

realtimeconf.eu

View the schedule

Share

See something wrong?

Report an issue with this session