Theme this year: The broad theme this year is going to be Building Reliable Web Apps. Please refer to the Topics section below for the subject of talks and workshops we are looking for.
We are inviting proposals for:
- Full-length 40 minute talks.
- Crisp 15 minute talks.
- Sponsored sessions, of 15 minutes and 40 minutes duration (limited slots available; subject to editorial scrutiny and approval).
- Hands-on Workshop sessions, 3 and 6 hour duration.
Proposals will be filtered and shortlisted by an Editorial Panel. Please make sure to add links to videos / slide decks when submitting proposals. This will help us understand your speaking experience and delivery style. Blurbs or blog posts covering the relevance of a particular problem statement and how it is tackled will help the Editorial Panel better judge your proposals. We might contact you to ask if you’d like to repost your content on the official conference blog.
We expect you to submit an outline of your proposed talk – either in the form of a mind map or a text document or draft slides within two weeks of submitting your proposal.
You can check back on this page for the status of your proposal. We will notify you if we either move your proposal to the next round or if we reject it. Selected speakers must participate in one or two rounds of rehearsals before the conference. This is mandatory and helps you to prepare well for the conference.
A speaker is NOT confirmed a slot unless we explicitly mention so in an email or over any other medium of communication.
There is only one speaker per session. Entry is free for selected speakers. As our budget is limited, we prefer speakers from locations closer home, but will do our best to cover for anyone exceptional. HasGeek provides these limited grants where applicable: two international travel and accommodation grants, three domestic travel and accommodation grants. Grants are limited and made available to speakers delivering full sessions (40 minutes or longer). Speaker travel grants will be given in order of preference to students, women, persons of non-binary genders, and individuals from Asia and Africa first.
Updated (19 April 2017): We are currently looking for talks in the following topics:
- Testing: Testing tools and strategies; test driven development and testing culture; continuous integration and testing workflows; and case studies around testing your application.
- Performance optimization: Performance analysis tools and techniques; best practices for building performant applications; browser, NodeJS, and framework internals; network protocols; and performance case studies.
- Crash and performance monitoring: Monitoring applications for crashes and performance issues while in production.
Commitment to open source
HasGeek believes in open source as the binding force of our community. If you are describing a codebase for developers to work with, we’d like for it to be available under a permissive open source licence. If your software is commercially licensed or available under a combination of commercial and restrictive open source licences (such as the various forms of the GPL), please consider picking up a sponsorship. We recognise that there are valid reasons for commercial licensing, but ask that you support us in return for giving you an audience. Your session will be marked on the schedule as a “sponsored session”.
Deadline for submitting proposals: 15 June 2017
Conference dates: 15–16 September 2017
For more information about speaking proposals, tickets and sponsorships, contact email@example.com or call +91 76763 32020.
Note: We aren’t accepting any new talks.
Content Security Policy to the Rescue
Developing web applications with security in mind is very important in today’s world, with the increase in online attacks and frauds. And when we talk about front-end security, cross-site scripting (XSS) is the first vulnerability that comes to everyone’s mind.
In this talk, I’ll speak about mitigating XSS attacks with Content Security Policy. It also covers tales of XSS vulnerabilities, what makes them vulnerable and how they could have been prevented using CSP. This is followed by a live demonstration of a vulnerable web application.
We will be exploring why CSP is cool and how to use it effectively in real-world applications to prevent other sets of attacks, e.g., clickjacking.
XSS is very much a solved problem, but only if it is done right, taking care of the escaping gotchas and some browser quirks. CSP is a defence-in-depth mechanism which can help in mitigating XSS vulnerabilities.
I’ll demonstrate an intentionally vulnerable web application and how applying Content Security Policy to it can fix those vulnerabilities. I’ll also talk about some success stories where companies successfully deployed CSP. Along with that, we’ll discuss some common bypasses available for Content Security Policy, which should be interesting and a must-know for the audience, along with the best practices.
In addition to that, this talk also covers how CSP can be used to prevent other sets of issues, like:
2) HTTPS Migration
3) Secure Form Submission
- Slides from previous talks - https://speakerdeck.com/djadmin/
- Blog - https://medium.com/@dheerajhere
- Twitter - https://twitter.com/dheerajhere
- Github - https://github.com/djadmin