COD 352: Creating Secure jQuery Code
Learn about the most common client-side vulnerabilities and threats to jQuery applications, and techniques for mitigating these vulnerabilities and threats. Through interactive exercises, just-in-time knowledge checks and traditional eLearning, this course will teach students how to implement new HTML5 security features to secure JQuery applications, and best practices to secure local storage and implement transport layer security. After completing this course, you will be able to articulate the threats that can impact your jQuery code and describe the countermeasures to address these threats.
Upon completion of this course, participants will be able to:
- Identify common client-side vulnerabilities and threats to jQuery applications
- Understand common client-side threats to jQuery security: XSS, CSRF, clickjacking, and attacks on offline local storage, and various offline storage vulnerabilities
- Describe various techniques for proper input validation and output encoding in jQuery applications
- Learn how client-side input validation and output encoding helps secure jQuery applications and protect against XSS attacks
- Understand input validation via whitelisting and blacklisting, as well as about escaping and encoding output
- Learn about general validation and encoding strategies, jQuery encoding libraries, unsafe functions, and unsafe property values
- Understand context-sensitive data handling, and about using consistent character sets to help protect against evasion techniques that exploit character set ambiguity
This course can be customized for Instructor-Led training. Course contents and duration may vary. Contact us for details.