Wednesday

Room 6

16:20 - 17:20 (UTC+01)

Talk (60 min)

Securing React with Trusted Types

Cross-Site Scripting is game over! We've been hearing this for a while now. Unfortunately, it is still more than relevant in the world of React-based frontends. While React helps a bit, it still leaves too much to developers, aptly illustrated by numerous XSS vulnerabilities discovered in React apps. No more. In this session, we look at Trusted Types, a platform-based defense that will eradicate XSS vulnerabilities in frontends. We investigate how Trusted Types can stop typical React XSS attacks. Additionally, we explore how to configure Trusted Types for your entire application. You will walk away with a solid knowledge of Trusted Types and actionable advice to get started with Trusted Types.

Security
Web

Philippe De Ryck

Philippe De Ryck helps developers protect companies through better web security. His Ph.D. in web security from KU Leuven lies at the basis of his exceptional knowledge of the security landscape. As the founder of Pragmatic Web Security, Philippe delivers security training and security consulting to companies worldwide. His online course platform allows anyone to learn complex security topics at their own pace. Philippe is a Google Developer Expert and an Auth0 Ambassador for his community contributions on the security of web applications and APIs.