Episode Details

Back to Episodes
Web dev security school (JS Party #293)

Web dev security school (JS Party #293)

Published 2 years, 3 months ago
Description

This week, we’re joined by Ron Perris, a Security Engineer at Reddit and software security enthusiast. Together, we dive into best practices and common pitfalls, covering topics from dangerous URLs to JSON injection attacks. Tune in for an educational conversation, and don’t forget to bring your notebooks!

Leave us a comment

Changelog++ members get a bonus 4 minutes at the end of this episode and zero ads. Join today!

Sponsors:

  • Convex – Convex is a better type of backend — the full-stack TypeScript development platform that lets you replace your database, server functions, and glue code. Get started at convex.dev
  • Appwrite – Build Fast. Scale Big. All in One Place. Appwrite is a backend platform for developing Web, Mobile, and Flutter applications. Built with the open source community and optimized for developer experience in the coding languages you love.
  • Changelog News – A podcast+newsletter combo that’s brief, entertaining & always on-point. Subscribe today.

Featuring:

Show Notes:

Something missing or broken? PRs welcome!

Timestamps:

(00:00) - It's party time, y'all
(00:39) - Sponsor: Convex
(04:10) - Welcoming Ron Perris
(04:46) - Ron's background
(14:55) - NodeJS Security Working Group
(23:47) - Sponsor: Appwrite
(26:35) - Where to get started with security
(34:17) - String injectiony stuff
(39:42) - XSS protection
(43:40) - URL-based script injection
(50:41) - Who's responsible for security?
(52:38) - Sponsor: Changelog News
(54:19) - On security teams
(58:00) - On project security
(59:51)

Listen Now

Love PodBriefly?

If you like Podbriefly.com, please consider donating to support the ongoing development.

Support Us