|
Talk Details
Cross Site Scripting detection and prevention |
| Name |
Rasmus Lerdorf |
 |
| Organisation |
Yahoo! Inc. |
| Website |
http://lerdorf.com/bio.php |
| Scope |
Technical |
| Topic |
Security |
| Type |
talk |
| Abstract |
This talk will tell you all you want to know about Cross-Site Scripting (XSS) attacks. How to generate them, how to prevent them, and how to detect them. We will also do a bit of live XSS checking for anybody brave enough to volunteer their sites. The code snippets are all PHP-based, but the concepts covered are not specific to PHP.
(Note to organizers - I need Internet access during the talk for this one) |
| Pre-requisites |
Some basic web development knowledge is expected. |
| Profile |
Rasmus Lerdorf is known for having gotten the PHP project off the ground in 1995, the mod_info Apache module and he can be blamed for the ANSI92 SQL-defying LIMIT clause in mSQL 1.x which has now, at least conceptually, crept into both MySQL and PostgreSQL. Prior to joining Yahoo! as an infrastructure engineer in 2002, he was at a string of companies including Linuxcare, IBM, and Bell Canada working on Internet technologies. |
|
|
See Talk Schedule
|
SPONSORS
Principal Sponsor
![[Govt of India/MCIT]](/2005/images/sponsors/mcit.gif)
Diamond Sponsor
![[Intel]](/2005/images/sponsors/intel.gif)
Platinum Sponsor
![[Google]](/2005/images/sponsors/google.gif)
Platinum Sponsor
![[Sun Microsystems]](/2005/images/sponsors/sun.gif)
Gold Sponsor
![[HP]](/2005/images/sponsors/hp.gif)
Silver Sponsors
![[C-DAC]](/2005/images/sponsors/cdac.gif)
Internet Sponsor
![[Airtel]](/2005/images/sponsors/airtel.gif)
PC Infrastructure Sponsor
![[Connoiseur]](/2005/images/sponsors/connoiseur.gif)
Supporting Sponsors
![[GCI]](/2005/images/sponsors/gci.gif)
Event Logistics
|
