Loading…
THE MUST ATTEND EVENT FOR CYBERSECURITY PROFESSIONALS
Friday September 27, 2024 10:30am - 11:15am PDT
When a web application needs to safely render the user’s input as HTML, e.g., to enable rich text formatting, sanitization would be the solution. Generally speaking, sanitizing user input should be done on the server side, right? Well, this is not so obvious for XSS mitigation. While sanitizing on the client side sounds counterintuitive at first, in this talk, we will explain not only why it makes sense for HTML but also why it is important to do so. This talk showcases common pitfalls of sanitizing HTML server-side and dives into multiple interesting real-world vulnerabilities.
Speakers
avatar for Yaniv Nizry

Yaniv Nizry

Vulnerability Researcher, SonarSource
Yaniv Nizry (@YNizry) is a Vulnerability Researcher at Sonar, where he leverages his expertise to identify and mitigate vulnerabilities in complex systems. Starting his way as a software engineer, he shifted his focus while serving in the IDF's 8200 unit, where he gained experience... Read More →
Friday September 27, 2024 10:30am - 11:15am PDT
Room: Grand Ballroom
Feedback form is now closed.

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Share Modal

Share this link via

Or copy link