I proposed two talks to the Boston Code Camp 23 conference held next week, but because of the great turnout of speakers (33!), each of us received acceptance of one session to allow everyone to have a chance to speak. I think that's a great stance and am glad everyone will be able to present a topic - no one was turned away.
I mentioned my other talk in a post yesterday. While it is still fresh, I have decided to deliver my second talk next week at the Boston .NET Architecture Group meeting on March 18. Here is the title and abstract:
Avoiding Common Security Issues with JavaScript Web Applications
This session will cover common issues found in writing secure JavaScript web applications. We will cover security issues such as Cross-Site Scripting (XSS) in its reflected, stored and DOM-based forms, Cross-Site Request Forgery (CSRF), incorrect sandboxing, incorrect same-origin policy and other common vulnerabilities, along with mitigations to avoid these problems.
By the end of the evening, we will also discuss what to look for in choosing a JavaScript framework based on security posture - it really matters.
If you are interested, the meeting is at the Magenic offices in Waltham, MA from 6-8 pm EST. Of course, I will make the slides/code available after the presentation on my presentations page (as I always do) on my website.