JSFoo 2017

JSFoo is a conference about JavaScript and everything related.


Generating a static web app using Git and securing it using OWASP

Submitted by Shrimadhav U K (@spechide) on Wednesday, 12 April 2017

Preview video

Section: Workshop Technical level: Intermediate


The talk will consist mainly on how to deploy a static website properly (both, in terms of usability and security) with a version control system. The audience might learn which files should be version controlled and which type of files should not be placed in the version control repository.
Experience with a version control system is recommended but not mandatory.


  1. Introduction to Continous Integration (CI).
  2. Why one should use a static site, instead of other available alternatives?
  3. Deploying the web application with a version control system PROPERLY.
  4. The best practises that needs to be followed when deploying the web page to a production environment.
  5. Testing the security of your developed Web Application using Open Source Tools.


an open mind, and an enthusiasm to learn new things

Speaker bio

I am a senior undergraduate student at National Institute of Technology, Calicut. My areas of interest include Web Application Security and Security stuff in general. As part of FOSSCell, NITC and Google Students Club, NITC I have conducted various beginner level workshops on technologies including but not limited to GNU/Linux and Android.




Preview video



  • Ankur Sethi (@s3thi) 2 years ago

    Could you explain in a little more detail what security considerations you will be talking about? I would imagine deploying a static website is mostly just serving some files from a webserver. What security considerations beyond following basic server security practices will you address in this session?

  • Shrimadhav U K (@spechide) Proposer 2 years ago

    What I intend to introduce by my talk is “How to deploy a static web application” using Git{Lab,Hub} Pages. Many times, I have seen people commiting un-necassary files on Git, which may not be required. Also, I intend to talk on JavaScript Best Practices that needs to be followed, when developing the web application. Finally, I would like to conclude by showing how to test the security of the web application developed.

  • Kushal V. Mahajan (@kushalvmahajan) a year ago

    No it’s still not clear about what security practices. Some bullet points will help

    Then, what CI tool are you using?

    Also, I didn’t get the comparison between static site vs other things. Other things?

    Finally, why would we need git to generate a static site in real world?

Login with Twitter or Google to leave a comment