HTML5 & JavaScript Security

60 %
40 %
Information about HTML5 & JavaScript Security

Published on March 12, 2014

Author: source-code-analysis



JavaScript controls our lives. We use it to zoom in and out of a map, to automatically schedule doctor appointments and to play online games. But have we ever properly considered the security state of this scripting language?

Before dismissing the (in)security posture of JavaScript on the grounds of a client-side problem, consider the impact of JavaScript vulnerability exploitation to the enterprise: from stealing server-side data to infecting users with malware. Hackers are beginning to recognize this new playground and are quickly adding JavaScript exploitation tools to their Web attack arsenal.

In this talk we explore the vulnerabilities behind Javascript, including:

- A new class of vulnerabilities unique only to JavaScript

- Vulnerabilities in 3rd-party platforms which are exploited through JavaScript code

- HTML5 is considered the NG-Javascript. In turn, HTML5 introduces a new set of vulnerabilities

Add a comment

Related presentations

Presentación que realice en el Evento Nacional de Gobierno Abierto, realizado los ...

In this presentation we will describe our experience developing with a highly dyna...

Presentation to the LITA Forum 7th November 2014 Albuquerque, NM

Un recorrido por los cambios que nos generará el wearabletech en el futuro

Um paralelo entre as novidades & mercado em Wearable Computing e Tecnologias Assis...

Microsoft finally joins the smartwatch and fitness tracker game by introducing the...

Related pages

HTML5 Security Cheatsheet

HTML5 Security CheatsheetWhat your browser does when you look away...
Read more

Chrome Test - Acid3, HTML5, Javascript, Benchmarks, Security

Internet Explorer, Firefox, Safari, Chrome, Opera: Wer die Wahl hat, hat bekanntlich auch die Qual. Die wichtigsten Kriterien bei der Auswahl des richtigen ...
Read more

HTML5 & JavaScript Security

Agenda What is HTML 5.0? •New Features/Security Implications – Cross origin resource sharing – Content Security Policy – Web Storage & Web SQL
Read more

Sicherheit von JS, HTML5 und Co -

Wie steht es um die Sicherheit von JavaScript, HTML5 und Co? Im Interview geht der Sicherheitsexperte Mario Heiderich auf diese Frage ein.
Read more

JavaScript Security & HTML5 - Deadliest Web Attacks ...

Internal Browser Security • Process separation • Sandboxing plugins • HTML5 does away with plugins altogether • XSS Auditors • Only for the simplest
Read more

HTML5 localStorage security - Stack Overflow

HTML5 localStorage security. ... html5 security. share ... provide a password and you have to depend on not-so-well-tested javascript implementations of ...
Read more

html5 - Protecting code in JavaScript - Stack Overflow

If HTML5 and JavaScript is to replace products like Flash and Silverlight I can see a lot of situations ... Security / Protecting code in JavaScript. Related.
Read more

HTML5 Security Cheat Sheet - OWASP

HTML5 Security Cheat Sheet. ... (also known as Cross Domain ... consider using a JavaScript rewriting framework such as Google Caja or ...
Read more

HTML5 Security in a Nutshell | Veracode - Cloud-Based ...

Lots of people have been asking us for opinions on HTML5 security lately. Chris and I discussed the potential attack vectors with the Veracode research ...
Read more

An Introduction to Content Security Policy - HTML5 Rocks

An Introduction to Content Security Policy HTML5 Rocks. ... Inline JavaScript mixes structure and behavior in exactly the way ... Content-Security-Policy: ...
Read more