XSS Explained with React and Vanilla JS Examples | Cross Site Scripting | dangerouslySetInnerHTML

Published: 11 January 2024
on channel: Coding Garden
Views: 3,200
Likes: 160

In this video, I talk about the basics of Cross Site Scripting (XSS), how to exploit it and how to prevent it.

See all of the notes and code from this stream here: https://github.com/CodingGarden/learn...

This is a highlight of a livestream. Watch the full stream here: What is XSS? | Web Security Wednesday

XSS on Wikipedia: https://en.wikipedia.org/wiki/Cross-s...
XSS on OWASP: https://owasp.org/www-community/attac...
XSS on Snyk.io: https://learn.snyk.io/lesson/xss/
Play the XSS Game: https://xss-game.appspot.com/

00:00 Welcome
00:22 What is XSS?
01:04 First Look at XSS
01:38 Why this is BAD
02:53 Reflected XSS
03:13 Stored XSS
03:54 Real World XSS
05:05 Twitter XSS Explained
05:34 Blind XSS
06:12 Vulnerable Code with innerHTML
07:51 Safe Code with textContent
08:58 Sanitizing HTML with a custom function
11:50 Safe Code with DOMPurify
14:09 Never Trust User Provided Input
15:16 Preventing XSS Summary
16:24 Fixing Attribute Injection
18:04 This scares me
18:33 XSS in React
19:41 dangerouslySetInnerHTML in React
21:00 Trust no one
21:44 DOMPurify with React
23:04 XSS Brain Implant
23:52 XSS for Backend Devs
24:36 Scanners and Static Code Analysis
25:00 Conclusion / Summary

📩 Sign up for my mailing list: https://list.coding.garden/
💖 Donate: https://coding.garden/donate
😍 Pledge: https://coding.garden/pledge
🎉 Stickers: https://coding.garden/stickers
💻 Gear List: https://coding.garden/gear
🔎 Search for more Coding Garden videos here: https://coding.garden/videos
🗣 View the Coding Garden FAQ here: https://github.com/CodingGarden/faqs

