SecAppDev 2024 lecture details
Building Secure ReactJS Applications
Learn to secure ReactJS apps against XSS, data leaks, and more. Dive into props, dangerouslySetInnerHTML, CSS, JSON, XSS protections, and SSR. Essential for safer development.
Tuesday June 4th, 09:00 - 10:30
Room West Wing
Abstract
Explore ReactJS security to combat risks like XSS and data leaks. Learn to secure React apps beyond built-in features, covering topics such as unescaped props, dangerouslySetInnerHTML, JavaScript URLs, CSS styled-components, JSON integration, React's XSS protections, advanced defense tactics, lazy loading, access control, template injection vulnerabilities, and server-side rendering. This session equips developers with strategies for building safer ReactJS applications.
Key takeaway
Component dynamics, unescaped props, dangerouslySetInnerHTML, JavaScript URLs, CSS, JSON, XSS defenses, lazy loading, template injection, SSR.
Content level
Deep-dive
Target audience
ReactJS developers
Prerequisites
Understanding of the ReactJS framework
Related lectures
Practical cryptography with Tink
Deep-dive lecture by Neil Madden in room West Wing
Monday June 3rd, 16:00 - 17:30
Learn how to translate cryptography know-how into robust working code that is easy to review. Avoid common implementation pitfalls by learning how to use the modern Tink cryptographic library.
Key takeaway: Learn how to use Tink to implement cryptographic features and protocols in a robust manner.
Supercharging OAuth 2.0 security
Advanced lecture by Philippe De Ryck in room Lemaire
Tuesday June 4th, 16:00 - 17:30
Discover how to apply OAuth 2.0 in high-security scenarios, exploring its latest security enhancements. Learn about advanced features like Resource Indicators, JAR, PAR, and DPoP, gaining the knowledge to implement OAuth 2.0 securely.
Key takeaway: OAuth 2.0 offers various new security enhancements, including Resource Indicators, JAR, PAR, and DPoP, designed for high-security environments.
Security foundations for modern web applications
Introductory lecture by Philippe De Ryck in room West Wing
Monday June 3rd, 11:00 - 12:30
In this session, we explore how to leverage the fundamental security model of the web for security. We also explore how to build a secure foundation for your web and API-based applications.
Key takeaway: Understand how the browser reasons about web security, and how you can leverage browser security mechanisms to secure your applications.