YoVDO

Writing Secure JavaScript Code - Avoiding Vulnerabilities and Attacks

Offered By: Mozilla Hacks via YouTube

Tags

Web Application Security Courses Regular Expressions Courses Code Optimization Courses Input Validation Courses Event Loop Courses

Course Description

Overview

Save Big on Coursera Plus. 7,000+ courses at $160 off. Limited Time Only!
Learn essential techniques for writing secure JavaScript code in this 32-minute conference talk from View Source 2017. Explore the strengths of JavaScript, understand common vulnerabilities, and dive into topics such as regular expressions, the event loop, and catastrophic backtracking. Discover how to prevent attacks through input manipulation, JSON handling, and type manipulation. Examine real-world examples, including the DustJS vulnerability, and gain practical insights on securing web applications. Conclude with key takeaways on library vulnerabilities, utilizing tools like Microsoft Sonar and Lighthouse, and the importance of regular upgrades for maintaining code security.

Syllabus

Introduction
What makes JavaScript great
MS Vulnerability
Regular Expressions
The Event Loop
Catastrophic Backtracking
Redose
Attack Manipulation
JSON as Input
Type Manipulation
DustJS
About Page
Playing with About Page
Wrapping Up
Takeaways
Libraries have bugs
Microsoft Sonar and Lighthouse
Upgrade


Taught by

Mozilla Hacks

Related Courses

Authentication & Authorization: OAuth
Udacity Desarrollo de Aplicaciones Web: Seguridad
University of New Mexico via Coursera Web Application Development: Security
University of New Mexico via Coursera Hacking and Patching
University of Colorado System via Coursera Fundamentals of Computer Network Security
University of Colorado System via Coursera