JS Party: JavaScript, CSS, Web Development

Feross takes us to security school



Did you know Feross taught Web Security at Stanford last Fall? On this episode, Divya and Nick enroll in his security school to learn about XSS, CSP, ambient authority, and a whole lot more.


Changelog++ members support our work, get closer to the metal, and make the ads disappear. Join today!

Sponsors:

  • Rollbar – We move fast and fix things because of Rollbar. Resolve errors in minutes. Deploy with confidence. Learn more at rollbar.com/changelog.
  • DigitalOcean – DigitalOcean’s developer cloud makes it simple to launch in the cloud and scale up as you grow. They have an intuitive control panel, predictable pricing, team accounts, worldwide availability with a 99.99% uptime SLA, and 24/7/365 world-class support to back that up. Get your $100 credit at do.co/changelog.
  • Fastly – Our bandwidth partner. Fastly powers fast, secure, and scalable digital experiences. Move beyond your content delivery network to their powerful edge cloud platform. Learn more at fastly.com.
Featuring:

  • Feross Aboukhadijeh – Website, GitHub, X
  • Nick Nisi – Website, GitHub, Mastodon, X
  • Divya – Website, GitHub, LinkedIn, X

Show Notes:

  • JS Danger: OpenJS World Edition on YouTube
  • CS 253 Web Security - YouTube Playlist
  • CS 253 Course Website
  • CSP
  • Darknet Diaries on Samy
  • Krebs on Security
  • Clickjacking
  • CSP Is Dead, Long Live CSP! On the Insecurity of Whitelists and the Future of Content Security Policy
  • Reining in the Web with Content Security Policy
  • Cross-Site Request Forgery Prevention Cheat Sheet
  • Same-origin policy
  • Cross-Site Request Forgery is dead!
  • Incrementally Better Cookies
  • SameSite cookies explained
JS Party: JavaScript, CSS, Web Development, by Changelog Media