Keeping the sandbox safe

03:00 PM Bretton Woods

Today, cross site scripting attacks, remain a key attack vector for hackers trying to gain private information of individuals using websites. There are many attack vectors that still exist in browsers due to legacy compatibility, but there are features you can enable to prevent such issues. I'll be talking about the multitude of http headers, and other mechanisms you can use to help prevent your customer's from having their information stolen, and how you can implement these mechanisms in common frameworks such as core.