Vai offline con l'app Player FM !
When 3rd party JavaScript attacks
Manage episode 436906040 series 1391411
Simon Wijckmans from c/side joins Jerod & Nick to discuss the Pollyfill attack in detail. What does it mean for web developers & client-side security going forward?
Changelog++ members save 1 minute on this episode because they made the ads disappear. Join today!
Sponsors:
- Wix – Wix Sudio is for devs who build websites, sell apps, go headless, or manage clients. Integrate, extend and write custom scripts in a VS code-based IDE. Leverage zero set up dev, test and production environments. Ship faster with an AI code assistant. And work with Wix headless API’s on any tech stack.
Featuring:
- Simon Wijckmans – Twitter, GitHub, LinkedIn, Website
- Jerod Santo – Mastodon, Twitter, GitHub, LinkedIn
- Nick Nisi – Mastodon, Twitter, GitHub, Website
Show Notes:
Something missing or broken? PRs welcome!
Capitoli
1. It's party time, y'all (00:00:00)
2. Hello party people (00:00:56)
3. Welcoming Simon (00:01:23)
4. Hotlinking? Hotlinking! (00:01:47)
5. The Polyfill attack (00:02:56)
6. Nick gets called out (00:11:58)
7. Sponsor: Wix (00:14:52)
8. Reasonable risks (00:15:47)
9. Trust? But, verify (00:19:00)
10. How to verify (00:20:49)
11. Mitigation techniques (00:23:51)
12. Leading from the bottom (00:25:50)
13. Nick gets more secure (00:28:42)
14. What c/side offers (00:29:32)
15. Jerod avenges Nick (00:33:57)
16. Does c/side inject scripts? (00:38:22)
17. What the browsers could do (00:39:49)
18. Consider it cut (00:44:43)
19. Doing better server-side (00:45:31)
20. Ghoulish overkill (00:48:24)
21. Closing time (00:51:16)
22. Next up on the pod (00:51:49)
355 episodi
Manage episode 436906040 series 1391411
Simon Wijckmans from c/side joins Jerod & Nick to discuss the Pollyfill attack in detail. What does it mean for web developers & client-side security going forward?
Changelog++ members save 1 minute on this episode because they made the ads disappear. Join today!
Sponsors:
- Wix – Wix Sudio is for devs who build websites, sell apps, go headless, or manage clients. Integrate, extend and write custom scripts in a VS code-based IDE. Leverage zero set up dev, test and production environments. Ship faster with an AI code assistant. And work with Wix headless API’s on any tech stack.
Featuring:
- Simon Wijckmans – Twitter, GitHub, LinkedIn, Website
- Jerod Santo – Mastodon, Twitter, GitHub, LinkedIn
- Nick Nisi – Mastodon, Twitter, GitHub, Website
Show Notes:
Something missing or broken? PRs welcome!
Capitoli
1. It's party time, y'all (00:00:00)
2. Hello party people (00:00:56)
3. Welcoming Simon (00:01:23)
4. Hotlinking? Hotlinking! (00:01:47)
5. The Polyfill attack (00:02:56)
6. Nick gets called out (00:11:58)
7. Sponsor: Wix (00:14:52)
8. Reasonable risks (00:15:47)
9. Trust? But, verify (00:19:00)
10. How to verify (00:20:49)
11. Mitigation techniques (00:23:51)
12. Leading from the bottom (00:25:50)
13. Nick gets more secure (00:28:42)
14. What c/side offers (00:29:32)
15. Jerod avenges Nick (00:33:57)
16. Does c/side inject scripts? (00:38:22)
17. What the browsers could do (00:39:49)
18. Consider it cut (00:44:43)
19. Doing better server-side (00:45:31)
20. Ghoulish overkill (00:48:24)
21. Closing time (00:51:16)
22. Next up on the pod (00:51:49)
355 episodi
Tutti gli episodi
×Benvenuto su Player FM!
Player FM ricerca sul web podcast di alta qualità che tu possa goderti adesso. È la migliore app di podcast e funziona su Android, iPhone e web. Registrati per sincronizzare le iscrizioni su tutti i tuoi dispositivi.