Building Secure React Applications
GOTO Berlin 2019

Thursday Oct 24
10:30 –
11:15
B 07 - B 08

Building Secure React Applications

Slides:


This video is also available in the GOTO Play video app! Download it to enjoy offline access to our conference videos while on the move.

Available in Google Play Store or Available in Apple App Store




React is a secure framework. It handles cross-site scripting (XSS) out of the box. While these statements sound very hopeful, they are unfortunately far from reality. Building secure applications with React is easier than starting from scratch. However, even with React, there are several guidelines and considerations to take into account.

In this session, we take a deep-dive into two particular topics. We take a close look at XSS, React's defenses, and the responsibilities of the developer. The second topic zooms in on the challenges with including NPM dependencies. We look at how attackers abuse NPM to target your application. Throughout these topics, we build a set of concrete guidelines you can immediately apply to your applications.

What will the audience learn from this talk?
The audience will learn about real-world security pitfalls in React applications, more importantly, how to prevent them.

Does it feature code examples and/or live coding?
Yes, the entire talk is example driven!

Prerequisite attendee experience level:
Level 300