How To Write Secure JavaScript Applications

Author: Coding Tech, 1 year ago


Thought you knew JavaScript security? Well, you don't. At least not as well as you thought you did. From CSRF to crypto, I'm going to teach you everything you absolutely must know to write secure JavaScript, web applications in particular, both front and backend. An emphasis will be put on teaching *practical* techniques and *best practices* that you can immediately go back to your company or organization and implement.

Among the topics we will cover is preventing common, and not-so-common but still critical, vulnerabilities in JavaScript code, including CSRF, command injection, improper password handling, broken authentication and authorization, bad cryptography, and more. We will also cover best practices for writing secure JavaScript code on both the front and backend. From properly implementing user management schemes to things as high-level as convincing your co-workers that security *does matter*, we will explore as much as possible in the time we have together.

Best of all, you *don't have to have security experience*! Come as you are and dive into the intertwined worlds of JavaScript and security and learn how to write the most secure JavaScript and Node.js applications of your life.

EVENT: Nodevember 2016

SPEAKER: Jared Smith

PERMISSIONS: The original video was published on the Nodevember YouTube channel with the Creative Commons Attribution license (reuse allowed).

