Practicing Safe Script

Alex Sexton
December 03, 2013


Front End Web Security is hard. This deck goes through why there's no hope of patching every hole and suggests the opposite approach via whitelisting (old news, right?). It also suggests we try to make security sexier so more people buy in.


Transcript

  1. “Hey everyone, you should make your websites more secure because it’s important.” Probably isn’t going to do the trick.
  2. “All you have to do is never make a single mistake.” - I Think Mike West
  3. My Friend, Mike Taylor’s User Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.9; rv:25.0) <script>alert(‘lol’);</script> Gecko/20100101 Firefox/25.0
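
The User-Agent slide shows that a request header is attacker-controlled input like any form field. The following is an added example, not code from the deck: it renders that User-Agent into a hypothetical "recent visitors" table, once by plain concatenation and once with output encoding. The helper names, IP addresses and visit records are assumptions constructed for illustration.

```javascript
// Added example. The User-Agent is the one from the slide, with its
// typographic quotes replaced by straight quotes. All helper names
// and the visit records are hypothetical.
const SLIDE_UA =
  "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.9; rv:25.0) " +
  "<script>alert('lol');</script> Gecko/20100101 Firefox/25.0";

// Constructed sample of what a server might have logged for two visits.
const visits = [
  { ip: "192.0.2.10",
    userAgent: "Mozilla/5.0 (X11; Linux x86_64; rv:25.0) Gecko/20100101 Firefox/25.0" },
  { ip: "192.0.2.11", userAgent: SLIDE_UA },
];

// Encode the five characters that are significant in HTML text and in
// quoted attribute values.
const HTML_ESCAPES = {
  "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#39;",
};
function escapeHtml(value) {
  return String(value).replace(/[&<>"']/g, (ch) => HTML_ESCAPES[ch]);
}

// Before: the header value is concatenated straight into markup.
function renderRowUnsafe(visit) {
  return `<tr><td>${visit.ip}</td><td>${visit.userAgent}</td></tr>`;
}

// After: every logged field is encoded at the point of output.
function renderRowSafe(visit) {
  return `<tr><td>${escapeHtml(visit.ip)}</td>` +
         `<td>${escapeHtml(visit.userAgent)}</td></tr>`;
}

function renderTable(rows, renderRow) {
  return `<table>${rows.map(renderRow).join("")}</table>`;
}

// Check used to compare the two renderings: is there a live script tag?
function containsScriptTag(html) {
  return /<script\b/i.test(html);
}
```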