filmov
tv
Browser security with HTTP headers - David Lord
Показать описание
Description
Browsers provide many ways to help keep your users and their data secure. In this talk, learn about what security features are available and how to enable them in Flask, Django, or other web applications. This talk is targeted at intermediate web developers, but should be useful for beginners as well.
Abstract
Each section will discuss a type of vulnerability and how the browser can be configured to protect users. Examples will be shown using Flask, but are applicable to other applications.
Overview of how browsers behave by default and what configuration is available.
Cross-site Scripting and the X-XSS-Protection header
Content sniffing and the X-Content-Type-Options header
Clickjacking, using frames to trick users into clicking hidden content, and the X-Frame-Options header
Cookie header options and content security
History information and the Referrer-Policy header
HTTPS headers: TLS certificates, HTTP redirection, and Strict Transport Security
Content-Security-Policy controls where different types of content can be loaded from. Explain how to determine a good policy for an application.
Validating security configuration
Using these tools and interpreting results. What do good and bad configurations look like?
About the speaker
David Lord is a core maintainer of Flask and manages the Pallets open source organization. He is a member of San Diego Python, where he helps organize a weekly Python study group.
Sponsor Acknowledgement
#pybay #pybay2019 #python #python3 #gdb
0:33:42
Browser security with HTTP headers - David Lord
0:48:05
Browser security and HTTP Headers : Attacks and protections in action ! by Mathieu Humbert
0:15:48
Missing HTTP Security Headers - Bug Bounty Tips
0:03:46
Current utilization of browser security headers
0:00:12
🚀 Understanding HTTP Request Headers is crucial for both freshers and experienced developers!
0:25:21
HTTP Headers For Web Performance and Security -- HTTP Security Headers Explained
0:25:52
Wei Lu: HTTP Headers - The Simplest Security - JSConf.Asia 2014
0:01:49
How to Check HTTP Headers from Browser
0:38:18
BASICS OF WEB APPLICATIONS (WEB SECURITY DAY 1)
0:08:53
Content Security Policy explained | how to protect against Cross Site Scripting (XSS)
0:59:22
HTTP Security Headers You Need To Have On Your Web Apps - Scott Sauber - NDC London 2021
0:25:21
HTTP Headers - The State of the Web
0:02:36
How to view http headers in chrome
0:16:06
Hackers Hate It! Secure Your Web App with These 6 Weird HTTP Headers
0:02:24
HTTP Security Headers Explained - What are security headers and how do I implement them?
0:40:21
HTTP Headers for the Responsible Developer • Stefan Judis • GOTO 2019
0:17:38
HTTP Headers and Cookies
0:25:26
Full Tutorial|| Security threats in a web world ||HTTP Security Headers | Content Security Policy
0:33:39
Web App Pentesting - HTTP Headers & Methods
0:03:56
Introduction - HTTP Security Headers
0:01:47
How to install HTTP Header live into Firefox
0:00:13
🛠️ Understanding HTTP Headers 🛠️
0:26:04
Mastering HTTP Headers with Axios: A Comprehensive Guide for Modern Web Development
0:08:15
🔴 HTTP Request/Response header information | [in detail] | Journey to Web Security (2021) | Video#3...
Комментарии