SecAppDev 2024 lecture details
Building Secure ReactJS Applications
Learn to secure ReactJS apps against XSS, data leaks, and more. Dive into props, dangerouslySetInnerHTML, CSS, JSON, XSS protections, and SSR. Essential for safer development.
Tuesday June 4th, 09:00 - 10:30
Room West Wing
Abstract
Explore ReactJS security to combat risks like XSS and data leaks. Learn to secure React apps beyond built-in features, covering topics such as unescaped props, dangerouslySetInnerHTML, JavaScript URLs, CSS styled-components, JSON integration, React's XSS protections, advanced defense tactics, lazy loading, access control, template injection vulnerabilities, and server-side rendering. This session equips developers with strategies for building safer ReactJS applications.
Key takeaway
Component dynamics, unescaped props, dangerouslySetInnerHTML, JavaScript URLs, CSS, JSON, XSS defenses, lazy loading, template injection, SSR.
Content level
Deep-dive
Target audience
ReactJS developers
Prerequisites
Understanding of the ReactJS framework
Join us for SecAppDev. You will not regret it!
Related lectures
Practical cryptography with Tink
Deep-dive lecture by Neil Madden in room West Wing
Monday June 3rd, 16:00 - 17:30
Learn how to translate cryptography know-how into robust working code that is easy to review. Avoid common implementation pitfalls by learning how to use the modern Tink cryptographic library.
Key takeaway: Learn how to use Tink to implement cryptographic features and protocols in a robust manner.
Supercharging OAuth 2.0 security
Advanced lecture by Philippe De Ryck in room Lemaire
Tuesday June 4th, 16:00 - 17:30
Discover how to apply OAuth 2.0 in high-security scenarios, exploring its latest security enhancements. Learn about advanced features like Resource Indicators, JAR, PAR, and DPoP, gaining the knowledge to implement OAuth 2.0 securely.
Key takeaway: OAuth 2.0 offers various new security enhancements, including Resource Indicators, JAR, PAR, and DPoP, designed for high-security environments.
An open source WAF in a high security setting
Introductory lecture by Christian Folini in room West Wing
Wednesday June 5th, 09:00 - 10:30
Introduction to WAFs, a highly commercial market with a dominant open source offering, crazy incentives of WAF vendors, the history of online voting in Switzerland, the 2019 disaster and ray of hope cast by the WAF.
Key takeaway: Basic understanding of web application firewalls, their use cases and their limits.