JSFoo 2013

All about being creative with JavaScript


About JSFoo

JSFoo is India’s only national JavaScript conference. The first season of JSFoo featured editions in Bangalore, Pune and Chennai between Oct 2011 and Feb 2012. The second edition in Bangalore in Oct 2012 was based on the theme “JavaScript Everywhere” – featuring JavaScript on web servers, embedded in robots, as a cross-platform language for mobile, and in its original home, the browser.

## JSFoo 2013
The theme for JSFoo 2013 is original creations with JavaScript. Showcase innovative work done with JavaScript – if you have created something at work or outside your work commitments, with or without a business model in sight, something you’ve done for the love of seeing it come to life in front of your eyes, JSFoo is the place to talk about it!

Talks which demonstrate innovation at either a technical or “best practice” level will be given preference. Your creation does not necessarily have to be in production, but we will insist on it being something more significant than a cool ten-line function you came up with (unless that function allowed you to control sharks fitted with lasers or something).

We are also accepting high quality talk and workshop proposals on JS frameworks, libraries and tools. These proposals have to provide clear objectives and take-aways for practising JavaScript developers.

## Format
JSFoo 2013 is a single-track event. We invite proposals for:

  • full-length 40-minute proposal
  • a crisp 15-minute presentation
  • sponsored sessions, 40 minute duration
  • flash talks of 5 minutes duration. Submissions for flash talks will be opened one week before the event
  • Hands-on sessions ranging from two to six hours on JS libraries, frameworks and tools. These proposals will be categorized as workshops

Commitment to open source

HasGeek believes in open source as the binding force of our community. If you are describing a piece of technology, we’d like it to be available under a permissive open source license.

If your software is commercially licensed or available under a combination of commercial and restrictive open source licenses (such as the various forms of the GPL), please consider picking up a sponsorship. We recognize that there are valid reasons for commercial licensing, but ask that you support us in return for giving you an audience. Your session will be marked on the schedule as a sponsored session.

Speaking submissions

You can submit a proposal to speak at JSFoo 2013 via the submission funnel below. Please describe your proposal in as much detail as possible. Detail is important if you’d like to be voted up into the schedule. In particular, we want to hear why you are the best person to be delivering a talk on your proposed topic. Provide links to previous talks and presentations you’ve done. This will help attendees and the programme committee in evaluating your proposal.
Making a funnel submission does not guarantee final selection.

## Selection Process
Voting is open to attendees who have purchased event tickets. If there is a proposal you find notable, please vote for it and leave a comment to initiate discussions. Your vote will be reflected immediately, but will be counted towards selections only if you purchase a ticket. Proposals will also be evaluated by a program committee consisting of:

Proposers must submit presentation drafts as part of the selection process to ensure that the talk is in line with the original proposal, and to help the program committee build a strong line-up for the event.

There is only one speaker per session. Attendance is free for selected speakers. HasGeek will cover your travel to and accommodation in Bangalore from anywhere in the world. As our budget is limited, we will prefer speakers from locations closer home, but will do our best to cover for anyone exceptional. If you are able to raise support for your trip, we will count that as speaker travel sponsorship.

If your proposal is not accepted, you can buy a ticket at the same rate as was available on the day you proposed. We’ll send you a code.

Tickets: http://jsfoo.doattend.com

Website: https://jsfoo.in/2013

Dates

The program committee will announce the first round of selected proposals by 15th August and a second round by 2nd September. We will finalize the schedule by 7th September. The funnel will close on 25th August. The event is on 20th and 21st September 2013.

Hosted by

JSFoo is a forum for discussing UI engineering; fullstack development; web applications engineering, performance, security and design; accessibility; and latest developments in #JavaScript. Follow JSFoo on Twitter

Lavakumar Kuppan

@lava

Oh no, there is a XSS in your JS. Understanding, Identifying and Avoiding DOM Based XSS.

Submitted Aug 23, 2013

To introduce DOM Based Cross-site Scripting, which is the most serious and prevalent JavaScript security issue at present, and explain how it can be identified and avoided.

Outline

Cross-site Scripting is one of the most common and widely known security vulnerabilities, but what is not very well known is that Cross-site Scripting vulnerabilities can occur on the client side due to insecure JavaScript code.

In 40 minutes you will learn:

  1. How XSS can occur in JavaScript

  2. The different variations of DOM based XSS

  3. How DOM based XSS can be detected with available tools

  4. Best ways to avoid and mitigate DOM based XSS in your code

If you are a JavaScript developer who does not understand this security threat, then you run the risk of putting your users’ data in danger. Don’t let that happen!

Speaker bio

Lavakumar is the founder of the IronWASP project, the advanced Web Security Testing Platform. He has authored multiple security tools like HAWAS, ‘Shell of the Future’, JS-Recon, Imposter and the HTML5 based Distributed Computing System - Ravan. As a security researcher he has discovered several novel attacks that include a sandbox bypass on Flash Player, a WAF bypass technique using HTTP Parameter Pollution, multiple HTML5 attacks and a CSRF protection bypass technique using ClickJacking & HPP, which was voted by peers and experts as the 5th best ‘web security hack’ of 2010. His work has been covered by leading media portals including Forbes. All his research and tools are available at the Attack and Defense Labs website. He also maintains the HTML5 Security Resources Repository website. He has spoken at multiple conferences like BlackHat, OWASP AppSec Asia, SecurityByte, ClubHack, NullCon etc. on topics ranging from browser exploitation to HTML5 Security. He is also the recipient of the Black Shield Luminaire award.
