BEGIN:VCALENDAR VERSION:2.0 PRODID:-//HasGeek//NONSGML Funnel//EN DESCRIPTION:On building faster\, performant and secure web applications X-WR-CALDESC:On building faster\, performant and secure web applications NAME:JSFoo Coimbatore 2019 X-WR-CALNAME:JSFoo Coimbatore 2019 REFRESH-INTERVAL;VALUE=DURATION:PT12H SUMMARY:JSFoo Coimbatore 2019 TIMEZONE-ID:Asia/Kolkata X-PUBLISHED-TTL:PT12H X-WR-TIMEZONE:Asia/Kolkata BEGIN:VEVENT SUMMARY:Check-ins and onsite registration DTSTART:20190705T033000Z DTEND:20190705T040000Z DTSTAMP:20260421T020934Z UID:session/48bJYCfjKZHuehWgFDdCG3@hasgeek.com SEQUENCE:0 CREATED:20190514T082801Z DESCRIPTION:\n GEO:11.03489445814772;77.02863364946097 LAST-MODIFIED:20190704T031728Z LOCATION:Auditorium - IT Block\, Dr. G R Damodaran College of Science\nCoi mbatore\nIN ORGANIZER;CN=JSFoo:MAILTO:no-reply@hasgeek.com BEGIN:VALARM ACTION:display DESCRIPTION:Check-ins and onsite registration in Auditorium in 5 minutes TRIGGER:-PT5M END:VALARM END:VEVENT BEGIN:VEVENT SUMMARY:Introduction to JSFoo Coimbatore 2019 DTSTART:20190705T040000Z DTEND:20190705T041000Z DTSTAMP:20260421T020934Z UID:session/7XoPx2PYkoeh16jVK7oJg6@hasgeek.com SEQUENCE:0 CREATED:20190514T082826Z DESCRIPTION:\n GEO:11.03489445814772;77.02863364946097 LAST-MODIFIED:20190704T031728Z LOCATION:Auditorium - IT Block\, Dr. G R Damodaran College of Science\nCoi mbatore\nIN ORGANIZER;CN=JSFoo:MAILTO:no-reply@hasgeek.com BEGIN:VALARM ACTION:display DESCRIPTION:Introduction to JSFoo Coimbatore 2019 in Auditorium in 5 minut es TRIGGER:-PT5M END:VALARM END:VEVENT BEGIN:VEVENT SUMMARY:Improving the performance of a React app: a case study DTSTART:20190705T041000Z DTEND:20190705T044500Z DTSTAMP:20260421T020934Z UID:session/FGrwtbBT7qHHeyHN29CbbH@hasgeek.com SEQUENCE:2 CATEGORIES:Intermediate,Lecture CREATED:20190429T111218Z DESCRIPTION:- **How we measured our React App's performance & improvement* *\n - Performance metrics\n - Test conditions\n - Tools\n \n \n \n- **How we improved our React App's performance**\n + Identified & removed unused libraries / part of libraries \n + Code splitting with React's la zy & suspense\n + Identify & load specific libraries libraries dynamicall y\n + Reduce babel transpiled code with babel-preset-env\n + Reduce down load size with brotli-webpack-plugin\n \n \n- **Details of Perform ance Improved**\n + Timings\n + Size of our JS Bundles\n\n### Speaker bi o\n\nPunit Sethi is founder of Tezify - an org that offers tools & service s to measure & improve front-end performance. Punit has worked on improvin g performance of various high-traffic Indian ecommerce websites. Prior to Tezify\, Punit has been working on software performance for a decade.\n GEO:11.03489445814772;77.02863364946097 LAST-MODIFIED:20230810T072606Z LOCATION:Auditorium - IT Block\, Dr. G R Damodaran College of Science\nCoi mbatore\nIN ORGANIZER;CN=JSFoo:MAILTO:no-reply@hasgeek.com URL:https://hasgeek.com/jsfoo/2019-coimbatore/schedule/improving-react-app -performance-a-case-study-FGrwtbBT7qHHeyHN29CbbH BEGIN:VALARM ACTION:display DESCRIPTION:Improving the performance of a React app: a case study in Audi torium in 5 minutes TRIGGER:-PT5M END:VALARM END:VEVENT BEGIN:VEVENT SUMMARY:Breaking a monolithic front-end: HackerRank's case study DTSTART:20190705T044500Z DTEND:20190705T052500Z DTSTAMP:20260421T020934Z UID:session/WBxjx662jsHtHn3oSGeKtx@hasgeek.com SEQUENCE:2 CATEGORIES:Intermediate CREATED:20190430T132223Z DESCRIPTION:#### The need of breaking the monolithic frontend\n- Reduce th e app context.\n- Separate deployment.\n- Bottleneck for Innovation.\n\n## ## The process\n- Breaking the mololith app to multiple apps and modules.\ n- Modules as node packages.\n- Keeping the code style uniform.\n- Publish ing Modules.\n- Automate deployment for modules.\n- Frontend Infra as a mo dule.\n\n#### Fine-tuning the workflow\n- Better local development.\n- Man aging cross dependencies.\n\n#### Key learnings\n\n### Speaker bio\n\nSudh anshu works as Front-end Architect at HackerRank. He has a love for fronte nd and anything in JS. In HackerRank he is involved in system design\, bui lding infra\, mentoring peoples and improving the frontend platform and te am as a whole. \nHe is also an active open source contributor who likes bu ilding UI\, modules\, and tools and have open sourced few of them with 4.5 M+ downloads on npm and 3.5 K stars on [github](https://github.com/s-yadav ). \nHe likes talking about JavaScript\, React\, performance\, frontend to ols\, architecture and patterns.\n GEO:11.03489445814772;77.02863364946097 LAST-MODIFIED:20230810T072606Z LOCATION:Auditorium - IT Block\, Dr. G R Damodaran College of Science\nCoi mbatore\nIN ORGANIZER;CN=JSFoo:MAILTO:no-reply@hasgeek.com URL:https://hasgeek.com/jsfoo/2019-coimbatore/schedule/breaking-the-monoli thic-front-end-a-hackerranks-case-study-WBxjx662jsHtHn3oSGeKtx BEGIN:VALARM ACTION:display DESCRIPTION:Breaking a monolithic front-end: HackerRank's case study in Au ditorium in 5 minutes TRIGGER:-PT5M END:VALARM END:VEVENT BEGIN:VEVENT SUMMARY:Morning beverage break DTSTART:20190705T052500Z DTEND:20190705T055500Z DTSTAMP:20260421T020934Z UID:session/HBvqdwtTLJig4YmNzUquCD@hasgeek.com SEQUENCE:0 CREATED:20190514T083155Z DESCRIPTION:\n GEO:11.03489445814772;77.02863364946097 LAST-MODIFIED:20190704T031728Z LOCATION:Auditorium - IT Block\, Dr. G R Damodaran College of Science\nCoi mbatore\nIN ORGANIZER;CN=JSFoo:MAILTO:no-reply@hasgeek.com BEGIN:VALARM ACTION:display DESCRIPTION:Morning beverage break in Auditorium in 5 minutes TRIGGER:-PT5M END:VALARM END:VEVENT BEGIN:VEVENT SUMMARY:Captain Marvellous JavaScript: a look at how hackers use JS DTSTART:20190705T055500Z DTEND:20190705T064000Z DTSTAMP:20260421T020934Z UID:session/EEpSzT8dMMXaWybrw9wzvZ@hasgeek.com SEQUENCE:2 CATEGORIES:Beginner CREATED:20190429T110528Z DESCRIPTION:- Introduction to the talk\n- JavaScript and XSS: Is that it?\ n - Why is XSS bad anyways?\n - I've Got No BeEF With You \n - Demo o f a real world account and browser compromise\n- Going beyond it's suppose d application\n- Using JavaScript to Fuzz browsers\n - JS fuzzing engines \n - Browser crashes and the $$$\n- Server Side JS attacks\n - The peril s of insecure templating\n - Server Side JS injection\n - Remote Code Execution\n- Client Side JS Attacks\n - What's that in my DOM?\n - Mixin g Desktop Clients and JavaScript (WCGW)\n - Case Study of \n - Cod e Execution using JavaScript in a Desktop Client\n - Data Theft via a insecure Express app on a Desktop Client\n - Windows Privilege Escal ation using JavaScript in a Desktop Client\n- Breaking filters and Web App lication Firewalls\n - JS weirdness\n - Twisted XSS payloads\n- Malware writers\, JavaScript and obfuscation\n - Case Study 1\n - Case Study 2\n - Session Hijacking using ActionScript and Flash\n - Weaponising ActionSc ript for account takeovers\n- Mutation XSS\n - Abusing browsers' code nor malisation against them\n- JavaScript Steganography\n - Stega whaa?\n - Working with Alpha Channels in images\n - Hidden in PlainSight\n- iOT \, JavaScript and a friendly home router\n - Attacking NodeJS servers on exposed iOT devices\n - What could go wrong you say!\n- Closing notes\n- The End / Q&A\n\n### Speaker bio\n\nRiyaz Walikar currently heads the Offe nsive Security Team at Appsecco and is responsible for the assessment and delivery of Web and Mobile Application Security Testing engagements. He is a OSCP certified Web Application Pentester\, security evangelist and rese archer. He has been active in the security community for the better part o f the last 10 years. He has been actively involved with the Bangalore OWAS P and null chapter for the last 7 years and is one of the OWASP Bangalore chapter leads.\n\nHe is actively involved with Vulnerability Research in p opular Web Applications and Network aware services and has disclosed sever al security issues in popular software like Apache Archiva\, Openfire\, Jo omla!\, EJabberd and has had luck with finding vulnerabilities with popula r web applications like Facebook\, Twitter\, Google\, Cisco\, Symantec\, M ozilla\, PayPal\, Ebay\, Apigee\, Yahoo\, Adobe\, Tumblr\, Pinterest etc. for which he is on the Hall of Fame for most of these services. He has als o been a speaker and trainer at several security conferences.\n GEO:11.03489445814772;77.02863364946097 LAST-MODIFIED:20230810T072606Z LOCATION:Auditorium - IT Block\, Dr. G R Damodaran College of Science\nCoi mbatore\nIN ORGANIZER;CN=JSFoo:MAILTO:no-reply@hasgeek.com URL:https://hasgeek.com/jsfoo/2019-coimbatore/schedule/captain-marvellous- javascript-a-look-at-how-hackers-use-js-EEpSzT8dMMXaWybrw9wzvZ BEGIN:VALARM ACTION:display DESCRIPTION:Captain Marvellous JavaScript: a look at how hackers use JS in Auditorium in 5 minutes TRIGGER:-PT5M END:VALARM END:VEVENT BEGIN:VEVENT SUMMARY:Leveraging web application vulnerabilities for resourceful intelli gence gathering. DTSTART:20190705T064000Z DTEND:20190705T072500Z DTSTAMP:20260421T020934Z UID:session/A8JDJMG4gfVcWGcBnEvZF@hasgeek.com SEQUENCE:2 CATEGORIES:Full talk (40 mins),Beginner,Demo,Intermediate,Lecture CREATED:20190506T091619Z DESCRIPTION:The talk seeks to provide the audience with a starting point f or where and how resourceful information and intelligence can be found and collected\, particularly\, through discovery and exploitation of security flaws in web applications. The talk will provide real life examples of se curity flaws through which sensitive information could have been disclosed \, and how at times - owing largely to the interconnected nature of such i nformation - it could be pieced together with other data to glean useful i ntelligence about a particular individual or group. Lastly\, the talk will touch upon how developers can avoid baking these issues into their servic es and applications\, while also discussing protective operational securit y measures that end-users can adopt as a best practice.\n\nTalk overview\n \n Introduction:\n Intelligence and Investigations\n Case Studies\n Web Application Vulnerabilities and Intelligence Gatheri ng\n\n Scoping and Execution:\n Targeting Techniques\n Ty pes of Prevalent Flaws\n Attacking Techniques\n Slides with Examples\n\n Defense:\n Best Practices for Developers\n O perational Security for Users\n\n### Speaker bio\n\nKaran Saini is a secur ity researcher and program officer at the Centre for Internet and Society. Karan has been a practitioner of responsible vulnerability disclosure for four years\, and has an avid interest in uncovering different ways throug h which new technologies and protocols can impact user privacy.'\n GEO:11.03489445814772;77.02863364946097 LAST-MODIFIED:20230810T072606Z LOCATION:Auditorium - IT Block\, Dr. G R Damodaran College of Science\nCoi mbatore\nIN ORGANIZER;CN=JSFoo:MAILTO:no-reply@hasgeek.com URL:https://hasgeek.com/jsfoo/2019-coimbatore/schedule/leveraging-web-appl ication-vulnerabilities-to-build-and-open-source-intelligence-arsenal-A8JD JMG4gfVcWGcBnEvZF BEGIN:VALARM ACTION:display DESCRIPTION:Leveraging web application vulnerabilities for resourceful int elligence gathering. in Auditorium in 5 minutes TRIGGER:-PT5M END:VALARM END:VEVENT BEGIN:VEVENT SUMMARY:Lunch Break DTSTART:20190705T072500Z DTEND:20190705T082500Z DTSTAMP:20260421T020934Z UID:session/JUt7m4ogUk665casnaKhHM@hasgeek.com SEQUENCE:0 CREATED:20190514T083354Z DESCRIPTION:\n GEO:11.03489445814772;77.02863364946097 LAST-MODIFIED:20190704T031728Z LOCATION:Auditorium - IT Block\, Dr. G R Damodaran College of Science\nCoi mbatore\nIN ORGANIZER;CN=JSFoo:MAILTO:no-reply@hasgeek.com BEGIN:VALARM ACTION:display DESCRIPTION:Lunch Break in Auditorium in 5 minutes TRIGGER:-PT5M END:VALARM END:VEVENT BEGIN:VEVENT SUMMARY:WebSDK: switching between service providers on the fly. DTSTART:20190705T082500Z DTEND:20190705T085500Z DTSTAMP:20260421T020934Z UID:session/zYEdhg41RwCgkStSnKkzh@hasgeek.com SEQUENCE:2 CATEGORIES:Intermediate CREATED:20190429T110337Z DESCRIPTION:This talk is about sharing an experience that I had while solv ing a challenging problem. While discussing about the service layer in the application I will cover following important areas:\n1. Caching at the se rvice layer\n2. Chunking (Creating different chunks for server and browser )\n3. Adapters (Maitaining a common response format b/w providers for the clients)\n4. Handling Error codes\n5. Test cases\n6. Switching b/w differe nt service providers. How does client chooses the service provider?\n7. Ho w is the service layer integrated in the web application ?\n\n### Speaker bio\n\nNishi Jain\, a Software Engineer at Hotstar with 4.5 years of exper ience. I am currently working on a powerful tool that manages content and empowers client facing apps in multiple geographies. I like to solve chall enging problems and try to keep myself updated with latest updates in the tech-world.\n GEO:11.03489445814772;77.02863364946097 LAST-MODIFIED:20230810T072606Z LOCATION:Auditorium - IT Block\, Dr. G R Damodaran College of Science\nCoi mbatore\nIN ORGANIZER;CN=JSFoo:MAILTO:no-reply@hasgeek.com URL:https://hasgeek.com/jsfoo/2019-coimbatore/schedule/websdk-switching-b- w-service-providers-on-the-fly-zYEdhg41RwCgkStSnKkzh BEGIN:VALARM ACTION:display DESCRIPTION:WebSDK: switching between service providers on the fly. in Au ditorium in 5 minutes TRIGGER:-PT5M END:VALARM END:VEVENT BEGIN:VEVENT SUMMARY:Architect for scale: case studies of my learnings with Node.js DTSTART:20190705T085500Z DTEND:20190705T093000Z DTSTAMP:20260421T020934Z UID:session/VPKC4a2TJ7hPyG1odSwVhv@hasgeek.com SEQUENCE:2 CATEGORIES:Beginner CREATED:20190429T110313Z DESCRIPTION:- Why this talk\n - Introduction\n - How not to do Logging\n - My experience with security and JWT\n - JSON vs. RPC\n - Why "expres s" isn't the answer to _every_ problem\n - Detecting and debugging memory leaks **in production**.\n - Network and service mesh layer\n - When to use HAProxy (vs. nginx)\n - Bits of bad code I have seen\n - Conclusion and QA\n\n### Speaker bio\n\nIn my career as a JavaScript developer and b ackend architect\, oftentimes our teams have faced these age-old questions and have opted to choose whichever was the easiest. While good for RAD/MV P\, every technology has its side-effects which are\, more often than not\ , misunderstood or misconstrued. Further\, a talk with just a bunch of sli des gets boring really fast. I try to combine experience\, story-telling a nd technology (and some humor) to keep the audience engaged while making s ure that they learn as much as they possible can.\n\nI have worked with st artups of all sizes (a pretty cliché line) and I have faced numerous prob lems (read: disasters) while writing code\; some have been slipped under t he carpet whilst others have led to some losses. In the end\, there is a saying - "if a developer wrote perfect code\, everyone else would be out o f a job."\n GEO:11.03489445814772;77.02863364946097 LAST-MODIFIED:20230810T072606Z LOCATION:Auditorium - IT Block\, Dr. G R Damodaran College of Science\nCoi mbatore\nIN ORGANIZER;CN=JSFoo:MAILTO:no-reply@hasgeek.com URL:https://hasgeek.com/jsfoo/2019-coimbatore/schedule/architect-for-scale -my-learnings-in-node-js-a-case-study-VPKC4a2TJ7hPyG1odSwVhv BEGIN:VALARM ACTION:display DESCRIPTION:Architect for scale: case studies of my learnings with Node.js in Auditorium in 5 minutes TRIGGER:-PT5M END:VALARM END:VEVENT BEGIN:VEVENT SUMMARY:Flash talks - by audience DTSTART:20190705T093000Z DTEND:20190705T100000Z DTSTAMP:20260421T020934Z UID:session/WUGieSzbEP8LdegnX25my5@hasgeek.com SEQUENCE:0 CREATED:20190514T083523Z DESCRIPTION:\n GEO:11.03489445814772;77.02863364946097 LAST-MODIFIED:20190704T031728Z LOCATION:Auditorium - IT Block\, Dr. G R Damodaran College of Science\nCoi mbatore\nIN ORGANIZER;CN=JSFoo:MAILTO:no-reply@hasgeek.com BEGIN:VALARM ACTION:display DESCRIPTION:Flash talks - by audience in Auditorium in 5 minutes TRIGGER:-PT5M END:VALARM END:VEVENT BEGIN:VEVENT SUMMARY:State Machines for Frontend State Management DTSTART:20190705T100000Z DTEND:20190705T103500Z DTSTAMP:20260421T020934Z UID:session/8wVazq4PmbZvdE7iP1RkX7@hasgeek.com SEQUENCE:2 CATEGORIES:Intermediate,Lecture CREATED:20190626T115145Z DESCRIPTION:1. Simple introduction to State Machines\n2. Why and how State Machines are heavily utilized in Distributed systems\n3. Seeing frontend applications as a distributed system (with time bound events from DOM inte ractions)\, how to utilize the powerful concepts of state machines\n4. Sep aration of DOM writes vs DOM reads (State Machine)\n5. Action dispatcher - DOM writes\n6. State Transition(er)\, State Event Triggers\n7. How easy i s it to have Time Travel Logger\n\n### Speaker bio\n\nTejesh works extensi vely writing code to build no-code platforms. Actively contributes to open -source library [G1.js](https://www.npmjs.com/package/g1). Architected and developed MapViewer library to visualize Geo-Spatial data. Features inclu de shapefiles loader\, auto merge data with shapefiles\, progressive drill down of shapefiles. \n\nThe ideas for the topic of session has emerged fr om experience of building and maintaining heavy data focussed dashboards a pplications written completely in vanilla Javascript. Only if frontend is as easy and maintainable as database systems!\n GEO:11.03489445814772;77.02863364946097 LAST-MODIFIED:20230810T072606Z LOCATION:Auditorium - IT Block\, Dr. G R Damodaran College of Science\nCoi mbatore\nIN ORGANIZER;CN=JSFoo:MAILTO:no-reply@hasgeek.com URL:https://hasgeek.com/jsfoo/2019-coimbatore/schedule/state-machines-for- frontend-state-management-8wVazq4PmbZvdE7iP1RkX7 BEGIN:VALARM ACTION:display DESCRIPTION:State Machines for Frontend State Management in Auditorium in 5 minutes TRIGGER:-PT5M END:VALARM END:VEVENT BEGIN:VEVENT SUMMARY:Evening Beverage Break DTSTART:20190705T103500Z DTEND:20190705T110500Z DTSTAMP:20260421T020934Z UID:session/RWqh9SyfWhDuHykSZxRs5p@hasgeek.com SEQUENCE:0 CREATED:20190514T083647Z DESCRIPTION:\n LAST-MODIFIED:20190704T031728Z LOCATION:Coimbatore ORGANIZER;CN=JSFoo:MAILTO:no-reply@hasgeek.com BEGIN:VALARM ACTION:display DESCRIPTION:Evening Beverage Break in 5 minutes TRIGGER:-PT5M END:VALARM END:VEVENT BEGIN:VEVENT SUMMARY:Birds of Feather (BOF) Sessions DTSTART:20190705T110500Z DTEND:20190705T114500Z DTSTAMP:20260421T020934Z UID:session/CqrnvtisoSrYSWqvC4v2ZW@hasgeek.com SEQUENCE:0 CREATED:20190514T083724Z DESCRIPTION:\n GEO:11.03489445814772;77.02863364946097 LAST-MODIFIED:20190704T031728Z LOCATION:Auditorium - IT Block\, Dr. G R Damodaran College of Science\nCoi mbatore\nIN ORGANIZER;CN=JSFoo:MAILTO:no-reply@hasgeek.com BEGIN:VALARM ACTION:display DESCRIPTION:Birds of Feather (BOF) Sessions in Auditorium in 5 minutes TRIGGER:-PT5M END:VALARM END:VEVENT END:VCALENDAR