YoVDO

ToStaticHTML for Everyone - About DOMPurify

Offered By: USENIX Enigma Conference via YouTube

Tags

USENIX Enigma Conference Courses Web Development Courses Javascript Courses Web Application Security Courses Document Object Model (DOM) Courses

Course Description

Overview

Explore a 20-minute conference talk from USENIX Enigma 2016 that delves into the challenges of Cross-Site Scripting (XSS) filtering in modern web applications. Learn about the limitations of server-side and browser-side XSS filters, and discover why DOM-based sanitation is crucial for applications working offline, using encryption, or communicating peer-to-peer. Understand the technical challenges posed by DOM Clobbering attacks and their impact on XSS filters. Gain insights into a two-part solution that addresses these issues, including a methodology to defend against DOM Clobbering and an efficient JavaScript-based XSS filter implementation. Examine the proof-of-concept tool DOMPurify and its potential applications in various browser environments.

Syllabus

USENIX Enigma 2016 - ToStaticHTML for Everyone! About DOMPurify, ...


Taught by

USENIX Enigma Conference

Related Courses

Adventures in Authentication and Authorization
USENIX Enigma Conference via YouTube Navigating the Sandbox Buffet
USENIX Enigma Conference via YouTube Meaningful Hardware Privacy for a Smart and Augmented Future
USENIX Enigma Conference via YouTube Working on the Frontlines - Privacy and Security with Vulnerable Populations
USENIX Enigma Conference via YouTube Myths and Lies in InfoSec
USENIX Enigma Conference via YouTube