After Bangalore, JSFoo is coming to Pune! JSFoo is a one day conference about developing next-generation applications in JavaScript. Join us for a full day of intense sessions on a variety of topics ranging from core JavaScript concepts to building complete web-applications in JavaScript.
This is your chance to mingle with and learn from JavaScript experts from all over the country!
Sessions are for 45 minutes each: 30 minutes speaking, 10 minutes of Q&A and 5 minutes for people to move between rooms. Tickets are free for confirmed speakers. If you’ve proposed to speak, please wait to hear from us before you buying your ticket. If your proposal is not selected, you will still get Early Geek pricing.
(This event was previously scheduled for December 10 but has been moved to January since the organizing team was busy with Droidcon.)
AN
Ahamed Nafeez
@skepticfx
The wicked JSON
Submitted Nov 21, 2011
Section: Default
Technical level: Advanced
Session type: Lecture
The objective of the talk will be making secure JSON communication and the proper way of handling the same. Most of the attacks using improperly coded JSON, are shown and the methods to overcome them are addressed.
Outline
Owing to its fast nature, JSON is being rapidly adopted by all kinds of developers nowadays as a data-interchange format. Developers often make the mistake of sending JSON the naive way, and also improperly handling them in the Client side code.
An attacker can make use of this to target the website and he can do cross-domain content extraction, XSS and some more attacks.
Speaker bio
Security Researcher and speaker at Security Conferences.
{{ gettext('Login to leave a comment') }}
{{ gettext('Post a comment…') }}{{ errorMsg }}
{{ gettext('No comments posted yet') }}