Cross Site Scripting (XSS) Defense is difficult. Some programming languages do not event provide native defenses necessary to thoroughly prevent XSS. As technologies such as Content Security Policy emerge, we still need pragmatic advice to stop XSS in the construction of web applications. First generation encoding libraries had both performance and completeness problems that prevent developers from through, production-safe XSS defense. This presentation will deeply review the OWASP Java Encoder Project and the OWASP Java HTML Sanitizer Project and give code samples highlighting their use.
Click here to Register
CONTACT US: (515) 650-0424 | email@example.com | 4400 East University Ave., Suite 101, Pleasant Hill, IA 50327