Securing a modern JavaScript based single page web application

Cite

Norwegian Developers Conference (NDC)

Oftedal, Erlend

Formal Metadata

Title

Securing a modern JavaScript based single page web application

Title of Series

NDC Oslo 2014

Number of Parts

170

Author

Oftedal, Erlend

License

CC Attribution - NonCommercial - ShareAlike 3.0 Unported:
You are free to use, adapt and copy, distribute and transmit the work or content in adapted or unchanged form for any legal and non-commercial purpose as long as the work is attributed to the author in the manner specified by the author or licensor and the work or content is shared also in adapted form only under the conditions of this

Identifiers

10.5446/50596 (DOI)

Publisher

Norwegian Developers Conference (NDC)

Release Date

2014

Language

English

Content Metadata

Subject Area

Computer Science

Genre

Conference/Talk

Abstract

Modern web apps are often single page web apps. The heavy HTML-generating backend is replaced by JavaScript, JavaScript frameworks like Backbone.js and templating languages like mustache.js or underscore.js. Data is transferred via RESTful JSON services. We are moving functionality normally implemented on the server to the browser. Sometimes we even implement the backend using JavaScript. What kinds of security problems can occur if we do this incorrectly? How do we mitigate the security problems found in these applications?