Feross takes us to security school
Did you know Feross taught Web Security at Stanford last Fall? On this episode, Divya and Nick enroll in his security school to learn about XSS, CSP, ambient authority, and a whole lot more.
Did you know Feross taught Web Security at Stanford last Fall? On this episode, Divya and Nick enroll in his security school to learn about XSS, CSP, ambient authority, and a whole lot more.
Changelog++ members support our work, get closer to the metal, and make the ads disappear. Join today!
Sponsors
- Rollbar – We move fast and fix things because of Rollbar. Resolve errors in minutes. Deploy with confidence. Learn more at rollbar.com/changelog.
- DigitalOcean – DigitalOcean’s developer cloud makes it simple to launch in the cloud and scale up as you grow. They have an intuitive control panel, predictable pricing, team accounts, worldwide availability with a 99.99% uptime SLA, and 24/7/365 world-class support to back that up. Get your $100 credit at do.co/changelog.
- Fastly – Our bandwidth partner. Fastly powers fast, secure, and scalable digital experiences. Move beyond your content delivery network to their powerful edge cloud platform. Learn more at fastly.com.
Featuring
- Feross Aboukhadijeh – Twitter, GitHub, Website
- Nick Nisi – Twitter, GitHub, Website
- Divya – Twitter, GitHub, LinkedIn, Website
Notes and Links
- JS Danger: OpenJS World Edition on YouTube
- CS 253 Web Security - YouTube Playlist
- CS 253 Course Website
- CSP
- Darknet Diaries on Samy
- Krebs on Security
- Clickjacking
- CSP Is Dead, Long Live CSP! On the Insecurity of Whitelists and the Future of Content Security Policy
- Reining in the Web with Content Security Policy
- Cross-Site Request Forgery Prevention Cheat Sheet
- Same-origin policy
- Cross-Site Request Forgery is dead!
- Incrementally Better Cookies
- SameSite cookies explained
Something missing or broken? PRs welcome!