Building Secure React Applications [VIRTUAL]

Philippe De Ryck | GOTO Oslo 2020

*This will be presented by video*

React is a secure framework. It handles cross-site scripting (XSS) out of the box. While these statements sound very hopeful, they are unfortunately far from reality. Building secure applications with React is easier than starting from scratch. However, even with React, there are several guidelines and considerations to take into account.

In this session, we take a deep dive into two particular topics. We take a close look at XSS, React's defenses, and the responsibilities of the developer. The second topic zooms in on the challenges with including NPM dependencies. We look at how attackers abuse NPM to target your application. Throughout these topics, we build a set of concrete guidelines you can immediately apply to your applications.

**What will the audience learn from this talk?** The audience will learn about real-world security pitfalls in React applications and, more importantly, how to prevent them.

**Does it feature code examples and/or live coding?** Yes, the entire talk is example driven!

About the speakers

Philippe De Ryck

Web Security Expert, Founder of Pragmatic Web Security
