Not sure what Content-Security-Policy and Strict-Transport-Security are about? Your web apps are at risk! Security is crucial but can be hard to get right. Luckily for web developers, the HTTP protocol comes with well-thought-out security specifications. Modern browsers implementing those security features are capable of doing much of the heavy lifting for us. It is our responsibility to put the browsers on guard. This talk explores which security headers are especially useful along with when and how to use them.
Wei is a full-time open source software developer, passionate about beautiful code and cryptocurrencies. She’s currently leading the development effort of Hive web wallet - an elegant cryptocurrency wallet. She’s also a core maintainer of bitcoinjs-lib and co-organizes SingaporeJS meetups and local NodeSchool workshops.