XSS PHP CSP ETC OMG WTF BBQ

Track: 
Other
Experience level: 
Intermediate

The name Cross-Site Scripting (XSS) was coined in January 2000 by a small
group of Microsoft security engineers. Today, almost 17 years later, it's
still widely used to attack web apps, users, and browsers. Let's go beyond
alert(1) and let's see what else we can do to stop the attack. You'll fall
in love with Content Security Policy (CSP) after seeing this talk,
guaranteed*. (* Terms and Conditions may apply)