Welcome to the full schedule of the OWASP AppSec Research EU 2013 training days. You’ll find the schedule for the conference days at http://sched2013.appsec.eu
Back To Schedule
Tuesday, August 20 • 9:30am - 5:30pm
Defensive Programming for Javascript & HTML5

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

This full-day course helps web front-end developers understand the risks involved with manipulating JavaScript and HTML5 and apply defensive programming techniques in both languages. Some of the topics covered include, but are not limited to, important security aspects of modern browser architecture (DOM and SOP), XSS, CSRF, DOM manipulation, Sandboxing iframes, JavaScript Execution Contexts, CORS, Web Messaging, Web Storage, Geolocation, and JSON. This course is structured into modules and includes code analysis and remediation exercises. The high-level topics for this course are:
  • The HTML5 and JavaScript Risk Landscape
  • Storage of Sensitive Data
  • Secure Cross-domain Communications
  • Implementing Secure Dataflow
  • JSON-related Techniques

After completing this course, students will be able to:
  • Apply HTML5 Defensive Programming Techniques
  • Apply JavaScript Defensive Programming Techniques
  • Apply JSON Defensive Programming Techniques


Tiago Teles

Tiago Teles is a Technical Consultant with 7 years of experience in clients across different sectors and countries, including banking, insurance, telecommunications and commercial organizations in a variety of roles: Delivering Training, Development, Business Intelligence and Quality... Read More →

Tuesday August 20, 2013 9:30am - 5:30pm CEST
Alsterpanorama I Emporio