Client-side security in web application


Jivan

Nov 11, 2011, 5:57:35 PM
to dublinjs
Hi,

I am currently studying JavaScript (and Ruby on Rails). And I have 2
essays to do.

For the first one I am looking for references on client-side
security. These should include examples of client-side attacks,
techniques to improve security, exploit techniques and strategies for
minimising risk.

Next weekend, I have to write on optimisation!

Thanks in advance,

Jivan

Jos Flores

Nov 12, 2011, 4:42:08 AM
to dubl...@googlegroups.com
Hi Jivan,

On the security side I'd explore https://www.owasp.org/index.php/Main_Page
It's not JavaScript specific but you'll find tons of related information there.

On performance I've heard good things about
http://www.amazon.co.uk/Performance-JavaScript-Faster-Application-Interfaces/dp/059680279X/ref=sr_1_7?ie=UTF8&qid=1321090717&sr=8-7
but to be honest, I have not read it.

cheers,
José

Jivan

Nov 12, 2011, 4:43:56 AM
to dubl...@googlegroups.com
Thanks, José.

I imagine you are a Spanish speaker, right?

Jivan


Jos Flores

Nov 12, 2011, 4:47:37 AM
to dubl...@googlegroups.com
Hi there, yes, but I'd rather keep using English in the list if you
don't mind, as it may be uncomfortable for other people :)

cheers,
José

Jivan

Nov 12, 2011, 7:05:03 AM
to dubl...@googlegroups.com
Of course - for the forum I totally agree.  I just wanted to know!

Jivan


Dominykas Blyžė

Nov 12, 2011, 4:18:52 PM
to dubl...@googlegroups.com

I think there should also be a talk or two on YUI theater http://yuilibrary.com/theater/ - I think Zakas gave one in last year's YUIConf on performance - not YUI related ;)

On security - scan through this guy's blog: http://scarybeastsecurity.blogspot.com/ - I think he works as part of Chrome team these days and had a couple of articles on quite sophisticated tricks

Dom

Jivan

Nov 15, 2011, 5:15:52 AM
to dubl...@googlegroups.com
Thanks Dominykas!

One of these days I'll contribute something!!!

Regards,

Jivan


Nigel Kelly

Nov 15, 2011, 5:19:37 AM
to dubl...@googlegroups.com
Hi Jivan

If you're living in Dublin you'd be very welcome to do a presentation on js performance and security at one of our meetups.

Nigel

Jivan

Nov 15, 2011, 5:41:36 AM
to dubl...@googlegroups.com
Hi Nigel,

That kind of expertise is a loooooooooooooooooooooooong way off!  But you made me giggle - always a good thing!

Regards,

Jivan


Dominykas Blyžė

Nov 15, 2011, 5:44:34 AM
to dubl...@googlegroups.com
You don't need to be an expert to kick off a conversation :) As you're already doing the research - you may as well put it into slides and show them off to all of us - there will always be people who don't know some stuff - and even if some of us do - it's always good to have reminders about certain aspects - especially about security.

So, seriously - do it ;) I'm not an "expert" on the stuff I'll be talking about next week, but I'll try :)

Dom

Jos Flores

Nov 15, 2011, 5:50:12 AM
to dubl...@googlegroups.com
I'm with Dom. Actually preparing a talk for a local group is a great
way to organise in your head what you know and what you don't, and
you'll be better off after doing it, no matter the outcome.

Some of us know nothing about performance, and meetups are very
relaxed. A talk can be as short as 15 minutes so no need for
expertise.

We could organise something lighter for December... how about 3 or 4
talks, capped at 15 minutes each? would be a great opportunity for
small topics and for people that would like to do a talk but don't
know what to talk about or are a bit afraid of doing it. thoughts?

cheers,
José

Jos Flores

Nov 15, 2011, 5:51:05 AM
to dubl...@googlegroups.com
Actually, I'm gonna open another thread with that... if it's not
December we could leave it for next year.

cheers,
José

Nigel Kelly

Nov 15, 2011, 5:51:42 AM
to dubl...@googlegroups.com
That's right, Jivan. A lot of our talks are about new js frameworks and techniques. Nobody can be an expert in these things because they are new. Who really is a nodejs expert? Very few people.

Jivan

Nov 15, 2011, 9:06:30 AM
to dubl...@googlegroups.com
Hi Folks,

Not alone am I not an expert - I know nothing (in the words of Manuel from Fawlty Towers!)!!!  Hence, asking the forum for advice!

Perhaps next year when I don't have the coursework pressure - I'm finding it hard to cope as it is!!!  I PROMISE I'll keep my masterpiece for sharing!