This presentation was recorded at GOTO Berlin 2020. #GOTOcon #GOTOber
Philippe De Ryck – PhD in web security, OWASP and practical security mastermind and founder of Pragmatic Web Security
React is a secure framework. It handles cross-site scripting (XSS) out of the box. While these statements sound very hopeful, they are unfortunately far from reality. Building secure applications with React is easier than starting from scratch. However, even with React, there are several guidelines and considerations to take into account.
In this session, we take a deep-dive into two particular topics. We take a close look at XSS, React’s defenses, and the responsibilities of the developer. The second topic zooms in on the challenges with including NPM dependencies. We look at how attackers abuse NPM to target your application. Throughout these topics, we build a set of concrete guidelines you can immediately apply to […]
Download slides and read the full abstract
#Security #OWASP #React
Looking for a unique learning experience?
Attend the next GOTO Conference near you! Get your ticket at
SUBSCRIBE TO OUR CHANNEL – new videos posted almost daily.