Offline dengan aplikasi Player FM !
When 3rd party JavaScript attacks
Manage episode 436906040 series 1391411
Simon Wijckmans from c/side joins Jerod & Nick to discuss the Pollyfill attack in detail. What does it mean for web developers & client-side security going forward?
Changelog++ members save 1 minute on this episode because they made the ads disappear. Join today!
Sponsors:
- Wix – Wix Sudio is for devs who build websites, sell apps, go headless, or manage clients. Integrate, extend and write custom scripts in a VS code-based IDE. Leverage zero set up dev, test and production environments. Ship faster with an AI code assistant. And work with Wix headless API’s on any tech stack.
Featuring:
- Simon Wijckmans – Twitter, GitHub, LinkedIn, Website
- Jerod Santo – Mastodon, Twitter, GitHub, LinkedIn
- Nick Nisi – Mastodon, Twitter, GitHub, Website
Show Notes:
Something missing or broken? PRs welcome!
Chapter
1. It's party time, y'all (00:00:00)
2. Hello party people (00:00:56)
3. Welcoming Simon (00:01:23)
4. Hotlinking? Hotlinking! (00:01:47)
5. The Polyfill attack (00:02:56)
6. Nick gets called out (00:11:58)
7. Sponsor: Wix (00:14:52)
8. Reasonable risks (00:15:47)
9. Trust? But, verify (00:19:00)
10. How to verify (00:20:49)
11. Mitigation techniques (00:23:51)
12. Leading from the bottom (00:25:50)
13. Nick gets more secure (00:28:42)
14. What c/side offers (00:29:32)
15. Jerod avenges Nick (00:33:57)
16. Does c/side inject scripts? (00:38:22)
17. What the browsers could do (00:39:49)
18. Consider it cut (00:44:43)
19. Doing better server-side (00:45:31)
20. Ghoulish overkill (00:48:24)
21. Closing time (00:51:16)
22. Next up on the pod (00:51:49)
349 episode
Manage episode 436906040 series 1391411
Simon Wijckmans from c/side joins Jerod & Nick to discuss the Pollyfill attack in detail. What does it mean for web developers & client-side security going forward?
Changelog++ members save 1 minute on this episode because they made the ads disappear. Join today!
Sponsors:
- Wix – Wix Sudio is for devs who build websites, sell apps, go headless, or manage clients. Integrate, extend and write custom scripts in a VS code-based IDE. Leverage zero set up dev, test and production environments. Ship faster with an AI code assistant. And work with Wix headless API’s on any tech stack.
Featuring:
- Simon Wijckmans – Twitter, GitHub, LinkedIn, Website
- Jerod Santo – Mastodon, Twitter, GitHub, LinkedIn
- Nick Nisi – Mastodon, Twitter, GitHub, Website
Show Notes:
Something missing or broken? PRs welcome!
Chapter
1. It's party time, y'all (00:00:00)
2. Hello party people (00:00:56)
3. Welcoming Simon (00:01:23)
4. Hotlinking? Hotlinking! (00:01:47)
5. The Polyfill attack (00:02:56)
6. Nick gets called out (00:11:58)
7. Sponsor: Wix (00:14:52)
8. Reasonable risks (00:15:47)
9. Trust? But, verify (00:19:00)
10. How to verify (00:20:49)
11. Mitigation techniques (00:23:51)
12. Leading from the bottom (00:25:50)
13. Nick gets more secure (00:28:42)
14. What c/side offers (00:29:32)
15. Jerod avenges Nick (00:33:57)
16. Does c/side inject scripts? (00:38:22)
17. What the browsers could do (00:39:49)
18. Consider it cut (00:44:43)
19. Doing better server-side (00:45:31)
20. Ghoulish overkill (00:48:24)
21. Closing time (00:51:16)
22. Next up on the pod (00:51:49)
349 episode
Semua episode
×Selamat datang di Player FM!
Player FM memindai web untuk mencari podcast berkualitas tinggi untuk Anda nikmati saat ini. Ini adalah aplikasi podcast terbaik dan bekerja untuk Android, iPhone, dan web. Daftar untuk menyinkronkan langganan di seluruh perangkat.