JSFoo 2013

All about being creative with JavaScript

Raghu Mitra


Secure JavaScript coding - Do's and Don'ts

Submitted Jul 18, 2013

Learn about common security vulnerabilities and policies, and how to work with them in JavaScript.


Almost everybody who has written serious JavaScript code has faced security-related problems.
JavaScript is subject to some inherent security policies, such as the same-origin policy and Content Security Policy, which are sometimes limiting.
In this session we will discuss how to work around them, should there be any need.

Even with the security policies mentioned above in place, programmers need to take care of many other vulnerabilities, such as cross-site scripting (XSS) and cross-site request forgery (CSRF).
In this session we will discuss how to close these security loopholes.

Speaker bio

Raghu & Rahul
We are SSEs working for Citrix R&D India Ltd. We work on providing UI for a bunch of networking products. Developing UI for an enterprise networking product that can sometimes be public-facing has given us exposure to various security threats, and so far we have been successful in mitigating them :).

We would like to share our knowledge and understand more about the common security issues faced by enterprise web applications.



Hosted by

JSFoo is a forum for discussing UI engineering; fullstack development; web applications engineering, performance, security and design; accessibility; and latest developments in #JavaScript.