SlideShare a Scribd company logo

How to Achieve Cross-Origin Isolation for Enhanced Privacy and Security

Mark Robin
Mark Robin

Sharing my slides I used during my talk in Web.dev LIVE Cebu. Aug 08, 2020

Technology
1 of 48
GDG Cebu
Web Privacy & Security Recipes Mark Robin Senior Software Engineer Inspire Team GDG Cebu #webdevLIVE
GDG Cebu
https:// GDG Cebu
Protects the integrity of your website HTTPS HTTPS helps prevent intruders from tampering with the communications between your websites and your users' browsers. Protects the privacy & security of your users HTTPS prevents intruders from being able to passively listen to communications between your websites and your users. The future of the web HTTPS is a key component to the permission workflows for new features and updated APIs. GDG Cebu
Protects the privacy & security of your users HTTPS prevents intruders from being able to passively listen to communications between your websites and your users. Protects the integrity of your website HTTPS HTTPS helps prevent intruders from tampering with the communications between your websites and your users' browsers. Protects the privacy & security of your users HTTPS prevents intruders from being able to passively listen to communications between your websites and your users. The future of the web HTTPS is a key component to the permission workflows for new features and updated APIs. GDG Cebu Protects the integrity of your website HTTPS helps prevent intruders from tampering with the communications between your websites and your users' browsers.
Protects the integrity of your website HTTPS HTTPS helps prevent intruders from tampering with the communications between your websites and your users' browsers. Protects the privacy & security of your users HTTPS prevents intruders from being able to passively listen to communications between your websites and your users. The future of the web HTTPS is a key component to the permission workflows for new features and updated APIs. GDG Cebu Protects the privacy & security of your users HTTPS prevents intruders from being able to passively listen to communications between your websites and your users. The future of the web HTTPS is a key component to the permission workflows for new features and updated APIs.
www.iliketoquote.com
Cookie recipes: SameSite and beyond GDG Cebu
Set-Cookie: __Host-cookiename=cookievalue; Secure; Path=/; HttpOnly; SameSite=Lax Set-Cookie: __Host-cookiename=cookievalue; Secure; Path=/; HttpOnly; SameSite=Lax GDG Cebu
Set-Cookie: __Host-cookiename=cookievalue; Secure; Path=/; HttpOnly; SameSite=Lax GDG Cebu
Set-Cookie: __Host-cookiename=cookievalue; Secure; Path=/; HttpOnly; SameSite=Lax GDG Cebu
Set-Cookie: __Host-cookiename=cookievalue; Secure; Path=/; HttpOnly; SameSite=Lax GDG Cebu
Set-Cookie: __Host-cookiename=cookievalue; Secure; Path=/; HttpOnly; SameSite=Lax GDG Cebu
Set-Cookie: __Host-cookiename=cookievalue; Secure; Path=/; HttpOnly; SameSite=Lax GDG Cebu
Set-Cookie: __Host-cookiename=cookievalue; Secure; Path=/; HttpOnly; SameSite=Lax GDG Cebu
Set-Cookie: __Host-cookiename=cookievalue; Secure; Path=/; HttpOnly; SameSite=Lax GDG Cebu
Set-Cookie: __Host-cookiename=cookievalue; Secure; Path=/; HttpOnly; SameSite=Lax GDG Cebu
Set-Cookie: __Host-cookiename=cookievalue; Secure; Path=/; HttpOnly; SameSite=Lax GDG Cebu
Set-Cookie: __Secure-cookiename=cookievalue; Secure; Domain=news.site; Path=/; HttpOnly; SameSite=Lax GDG Cebu
Set-Cookie: __Host-cookiename=cookievalue; Secure; Path=/; HttpOnly; SameSite=Lax; Max-Age=900 GDG Cebu
Set-Cookie: __Host-cookiename=cookievalue; Secure; Path=/; HttpOnly; SameSite=Strict GDG Cebu
Set-Cookie: __Host-cookiename=cookievalue; Secure; Path=/; HttpOnly; SameSite=None GDG Cebu
Set-Cookie: __Host-cookiename=cookievalue; Secure; Path=/; HttpOnly; SameSite=None GDG Cebu
Set-Cookie: first_party=cookievalue; SameSite=Lax Set-Cookie: third_party=cookievalue; SameSite=None; Secure GDG Cebu
COOP: COEP: Cross-Origin-Opener-Policy Cross-Origin-Embedder-Policy GDG Cebu
Powerful Features • SharedArrayBuffer across platforms • performance.measureMemory() • JS Self Profiling API and more to come… GDG Cebu
Composability ● Ads ● Fonts ● Images ● Videos ● Maps ● Payment solutions a.example b.example GDG Cebu
Same-origin Policy a.example b.example Browsing Context Group GDG Cebu
Same-origin Policy Origin A Origin B Explanation of whether Origin A and B are "same-origin" or "cross-origin" https://www.example.com:443 https://www.evil.com:443 cross-origin: different domains https://example.com:443 cross-origin: different subdomains https://login.example.com:443 cross-origin: different subdomains http://www.example.com:443 cross-origin: different schemes https://www.example.com:80 cross-origin: different ports https://www.example.com:443 same-origin: exact match https://www.example.com same-origin: implicit port number (443) matches GDG Cebu
Spectre evil.example Browsing Context Group a.example b.example GDG Cebu
COOP+COEP = cross-origin isolated evil.example a.example b.example GDG Cebu
Enabling cross-origin isolation 1. Set `Cross-Origin-Opener-Policy: same-origin` for the main document. 2. Make sure cross-origin resources use `CORP: cross-origin` or CORS. 3. Set `Cross-Origin-Embedder-Policy: require-corp` for the main document. GDG Cebu
Cross-Origin-Opener-Policy: same-origin COOP COEP CORP CORS GDG Cebu
Confirm cross-origin resources support: COOP COEP CORP CORS • `Cross-Origin-Resource-Policy: cross-origin` header • Cross Origin Resource Sharing `<img src=“image.png” crossorigin>` GDG Cebu
Attention! Resource providers: COOP COEP CORP CORS Apply `Cross-Origin-Resource-Policy: cross-origin` header! GDG Cebu
Cross-Origin-Embedder-Policy: require-corp Resource without `CORP` or CORS will be blocked COOP COEP CORP CORS GDG Cebu
Cross-Origin-Embedder-Policy: require-corp Cross-origin resource with `CORP: cross-origin` can be loaded COOP COEP CORP CORS GDG Cebu
```js if (self.crossOriginIsolated) { // Your page is at "cross-origin isolated" state } ``` GDG Cebu
Chrome DevTools GDG Cebu
GDG Cebu
Issues Tab GDG Cebu
GDG Cebu
GDG Cebu
GDG Cebu
This cover has been designed using resources from Freepik.com Security is always excessive until it’s not enough. Robbie Sinclair
linkedin.com/in/markdrobin github.com/mdrobin95 GDG Cebu giphy.com SOURCE web.dev/secure

Recommended

Integrity protection for third-party JavaScript
Integrity protection for third-party JavaScriptIntegrity protection for third-party JavaScript
Integrity protection for third-party JavaScriptFrancois Marier
 
Integrity protection for third-party JavaScript
Integrity protection for third-party JavaScriptIntegrity protection for third-party JavaScript
Integrity protection for third-party JavaScriptFrancois Marier
 
Security and Privacy on the Web in 2016
Security and Privacy on the Web in 2016Security and Privacy on the Web in 2016
Security and Privacy on the Web in 2016Francois Marier
 
Security and Privacy on the Web in 2015
Security and Privacy on the Web in 2015Security and Privacy on the Web in 2015
Security and Privacy on the Web in 2015Francois Marier
 
Content Security Policy
Content Security PolicyContent Security Policy
Content Security PolicyRyan LaBouve
 
Preventing XSS with Content Security Policy
Preventing XSS with Content Security PolicyPreventing XSS with Content Security Policy
Preventing XSS with Content Security PolicyKsenia Peguero
 
W3C Content Security Policy
W3C Content Security PolicyW3C Content Security Policy
W3C Content Security PolicyMarkus Wichmann
 
Securing Java EE Web Apps
Securing Java EE Web AppsSecuring Java EE Web Apps
Securing Java EE Web AppsFrank Kim
 

Recommended

Integrity protection for third-party JavaScript
Integrity protection for third-party JavaScriptIntegrity protection for third-party JavaScript
Integrity protection for third-party JavaScriptFrancois Marier
 
Integrity protection for third-party JavaScript
Integrity protection for third-party JavaScriptIntegrity protection for third-party JavaScript
Integrity protection for third-party JavaScriptFrancois Marier
 
Security and Privacy on the Web in 2016
Security and Privacy on the Web in 2016Security and Privacy on the Web in 2016
Security and Privacy on the Web in 2016Francois Marier
 
Security and Privacy on the Web in 2015
Security and Privacy on the Web in 2015Security and Privacy on the Web in 2015
Security and Privacy on the Web in 2015Francois Marier
 
Content Security Policy
Content Security PolicyContent Security Policy
Content Security PolicyRyan LaBouve
 
Preventing XSS with Content Security Policy
Preventing XSS with Content Security PolicyPreventing XSS with Content Security Policy
Preventing XSS with Content Security PolicyKsenia Peguero
 
W3C Content Security Policy
W3C Content Security PolicyW3C Content Security Policy
W3C Content Security PolicyMarkus Wichmann
 
Securing Java EE Web Apps
Securing Java EE Web AppsSecuring Java EE Web Apps
Securing Java EE Web AppsFrank Kim
 
Bünyamin Demir - 10 Adımda Yazılım Güvenliği
Bünyamin Demir - 10 Adımda Yazılım GüvenliğiBünyamin Demir - 10 Adımda Yazılım Güvenliği
Bünyamin Demir - 10 Adımda Yazılım GüvenliğiCypSec - Siber Güvenlik Konferansı
 
BrightonSEO
BrightonSEOBrightonSEO
BrightonSEORichard Falconer
 
Content Security Policy - The application security Swiss Army Knife
Content Security Policy - The application security Swiss Army KnifeContent Security Policy - The application security Swiss Army Knife
Content Security Policy - The application security Swiss Army KnifeScott Helme
 
BSides Cleveland: Phishing Forensics - Is it just suspicious or is it malicious?
BSides Cleveland: Phishing Forensics - Is it just suspicious or is it malicious?BSides Cleveland: Phishing Forensics - Is it just suspicious or is it malicious?
BSides Cleveland: Phishing Forensics - Is it just suspicious or is it malicious?CiNPA Security SIG
 
CONFidence 2018: Defense-in-depth techniques for modern web applications and ...
CONFidence 2018: Defense-in-depth techniques for modern web applications and ...CONFidence 2018: Defense-in-depth techniques for modern web applications and ...
CONFidence 2018: Defense-in-depth techniques for modern web applications and ...PROIDEA
 
Techorama 2019 - Azure Security Center Unleashed
Techorama 2019 - Azure Security Center UnleashedTechorama 2019 - Azure Security Center Unleashed
Techorama 2019 - Azure Security Center UnleashedTom Janetscheck
 
Experts Live Norway - Azure Infrastructure Security
Experts Live Norway - Azure Infrastructure SecurityExperts Live Norway - Azure Infrastructure Security
Experts Live Norway - Azure Infrastructure SecurityTom Janetscheck
 
Microsoft Ignite The Tour 2020 - BRK30173 - Identity is the new control plane
Microsoft Ignite The Tour 2020 - BRK30173 - Identity is the new control planeMicrosoft Ignite The Tour 2020 - BRK30173 - Identity is the new control plane
Microsoft Ignite The Tour 2020 - BRK30173 - Identity is the new control planeTom Janetscheck
 
Connecting Physical Devices to the Web - Event Driven Architecture using WebS...
Connecting Physical Devices to the Web - Event Driven Architecture using WebS...Connecting Physical Devices to the Web - Event Driven Architecture using WebS...
Connecting Physical Devices to the Web - Event Driven Architecture using WebS...Peter Moskovits
 
Converting you website to https
Converting you website to httpsConverting you website to https
Converting you website to httpsPeter Salerno
 
SEO benefits | ssl certificate | Learn SEO
SEO benefits | ssl certificate | Learn SEOSEO benefits | ssl certificate | Learn SEO
SEO benefits | ssl certificate | Learn SEOdevbhargav1
 
Overview of SSL: choose the option that's right for you
Overview of SSL: choose the option that's right for youOverview of SSL: choose the option that's right for you
Overview of SSL: choose the option that's right for youCloudflare
 
Geek Guide: Apache Web Servers and SSL Authentication
Geek Guide: Apache Web Servers and SSL AuthenticationGeek Guide: Apache Web Servers and SSL Authentication
Geek Guide: Apache Web Servers and SSL AuthenticationRapidSSLOnline.com
 
Android P Security Updates: What You Need to Know
Android P Security Updates: What You Need to KnowAndroid P Security Updates: What You Need to Know
Android P Security Updates: What You Need to KnowNowSecure
 
Stateless authentication for microservices - GR8Conf 2015
Stateless authentication for microservices - GR8Conf 2015Stateless authentication for microservices - GR8Conf 2015
Stateless authentication for microservices - GR8Conf 2015Alvaro Sanchez-Mariscal
 
How Does SSL Affect Your Search Engine Optimization
How Does SSL Affect Your Search Engine OptimizationHow Does SSL Affect Your Search Engine Optimization
How Does SSL Affect Your Search Engine OptimizationChristopher Dill
 
Stateless authentication for microservices - Spring I/O 2015
Stateless authentication for microservices - Spring I/O 2015Stateless authentication for microservices - Spring I/O 2015
Stateless authentication for microservices - Spring I/O 2015Alvaro Sanchez-Mariscal
 
Stateless authentication for microservices - Greach 2015
Stateless authentication for microservices - Greach 2015Stateless authentication for microservices - Greach 2015
Stateless authentication for microservices - Greach 2015Alvaro Sanchez-Mariscal
 
Creating Secure Web Apps: What Every Developer Needs to Know About HTTPS Today
Creating Secure Web Apps: What Every Developer Needs to Know About HTTPS TodayCreating Secure Web Apps: What Every Developer Needs to Know About HTTPS Today
Creating Secure Web Apps: What Every Developer Needs to Know About HTTPS TodayHeroku
 
Time to Migrate to HTTPS – The Simple Way to Do It Right, And the Ways That t...
Time to Migrate to HTTPS – The Simple Way to Do It Right, And the Ways That t...Time to Migrate to HTTPS – The Simple Way to Do It Right, And the Ways That t...
Time to Migrate to HTTPS – The Simple Way to Do It Right, And the Ways That t...Click Consult (Part of Ceuta Group)
 
Rails security: above and beyond the defaults
Rails security: above and beyond the defaultsRails security: above and beyond the defaults
Rails security: above and beyond the defaultsMatias Korhonen
 
65% Performance Gains at Cryptocurrency Platform CoinGecko: An Argo Smart Rou...
65% Performance Gains at Cryptocurrency Platform CoinGecko: An Argo Smart Rou...65% Performance Gains at Cryptocurrency Platform CoinGecko: An Argo Smart Rou...
65% Performance Gains at Cryptocurrency Platform CoinGecko: An Argo Smart Rou...Cloudflare
 

More Related Content

What's hot

Content Security Policy - The application security Swiss Army Knife
Content Security Policy - The application security Swiss Army KnifeContent Security Policy - The application security Swiss Army Knife
Content Security Policy - The application security Swiss Army KnifeScott Helme
 
BSides Cleveland: Phishing Forensics - Is it just suspicious or is it malicious?
BSides Cleveland: Phishing Forensics - Is it just suspicious or is it malicious?BSides Cleveland: Phishing Forensics - Is it just suspicious or is it malicious?
BSides Cleveland: Phishing Forensics - Is it just suspicious or is it malicious?CiNPA Security SIG
 
CONFidence 2018: Defense-in-depth techniques for modern web applications and ...
CONFidence 2018: Defense-in-depth techniques for modern web applications and ...CONFidence 2018: Defense-in-depth techniques for modern web applications and ...
CONFidence 2018: Defense-in-depth techniques for modern web applications and ...PROIDEA
 
Techorama 2019 - Azure Security Center Unleashed
Techorama 2019 - Azure Security Center UnleashedTechorama 2019 - Azure Security Center Unleashed
Techorama 2019 - Azure Security Center UnleashedTom Janetscheck
 
Experts Live Norway - Azure Infrastructure Security
Experts Live Norway - Azure Infrastructure SecurityExperts Live Norway - Azure Infrastructure Security
Experts Live Norway - Azure Infrastructure SecurityTom Janetscheck
 
Microsoft Ignite The Tour 2020 - BRK30173 - Identity is the new control plane
Microsoft Ignite The Tour 2020 - BRK30173 - Identity is the new control planeMicrosoft Ignite The Tour 2020 - BRK30173 - Identity is the new control plane
Microsoft Ignite The Tour 2020 - BRK30173 - Identity is the new control planeTom Janetscheck
 

What's hot (8)

Bünyamin Demir - 10 Adımda Yazılım Güvenliği
Bünyamin Demir - 10 Adımda Yazılım GüvenliğiBünyamin Demir - 10 Adımda Yazılım Güvenliği
Bünyamin Demir - 10 Adımda Yazılım Güvenliği
 
BrightonSEO
BrightonSEOBrightonSEO
BrightonSEO
 
Content Security Policy - The application security Swiss Army Knife
Content Security Policy - The application security Swiss Army KnifeContent Security Policy - The application security Swiss Army Knife
Content Security Policy - The application security Swiss Army Knife
 
BSides Cleveland: Phishing Forensics - Is it just suspicious or is it malicious?
BSides Cleveland: Phishing Forensics - Is it just suspicious or is it malicious?BSides Cleveland: Phishing Forensics - Is it just suspicious or is it malicious?
BSides Cleveland: Phishing Forensics - Is it just suspicious or is it malicious?
 
CONFidence 2018: Defense-in-depth techniques for modern web applications and ...
CONFidence 2018: Defense-in-depth techniques for modern web applications and ...CONFidence 2018: Defense-in-depth techniques for modern web applications and ...
CONFidence 2018: Defense-in-depth techniques for modern web applications and ...
 
Techorama 2019 - Azure Security Center Unleashed
Techorama 2019 - Azure Security Center UnleashedTechorama 2019 - Azure Security Center Unleashed
Techorama 2019 - Azure Security Center Unleashed
 
Experts Live Norway - Azure Infrastructure Security
Experts Live Norway - Azure Infrastructure SecurityExperts Live Norway - Azure Infrastructure Security
Experts Live Norway - Azure Infrastructure Security
 
Microsoft Ignite The Tour 2020 - BRK30173 - Identity is the new control plane
Microsoft Ignite The Tour 2020 - BRK30173 - Identity is the new control planeMicrosoft Ignite The Tour 2020 - BRK30173 - Identity is the new control plane
Microsoft Ignite The Tour 2020 - BRK30173 - Identity is the new control plane
 

Similar to How to Achieve Cross-Origin Isolation for Enhanced Privacy and Security

Connecting Physical Devices to the Web - Event Driven Architecture using WebS...
Connecting Physical Devices to the Web - Event Driven Architecture using WebS...Connecting Physical Devices to the Web - Event Driven Architecture using WebS...
Connecting Physical Devices to the Web - Event Driven Architecture using WebS...Peter Moskovits
 
Converting you website to https
Converting you website to httpsConverting you website to https
Converting you website to httpsPeter Salerno
 
SEO benefits | ssl certificate | Learn SEO
SEO benefits | ssl certificate | Learn SEOSEO benefits | ssl certificate | Learn SEO
SEO benefits | ssl certificate | Learn SEOdevbhargav1
 
Overview of SSL: choose the option that's right for you
Overview of SSL: choose the option that's right for youOverview of SSL: choose the option that's right for you
Overview of SSL: choose the option that's right for youCloudflare
 
Geek Guide: Apache Web Servers and SSL Authentication
Geek Guide: Apache Web Servers and SSL AuthenticationGeek Guide: Apache Web Servers and SSL Authentication
Geek Guide: Apache Web Servers and SSL AuthenticationRapidSSLOnline.com
 
Android P Security Updates: What You Need to Know
Android P Security Updates: What You Need to KnowAndroid P Security Updates: What You Need to Know
Android P Security Updates: What You Need to KnowNowSecure
 
Stateless authentication for microservices - GR8Conf 2015
Stateless authentication for microservices - GR8Conf 2015Stateless authentication for microservices - GR8Conf 2015
Stateless authentication for microservices - GR8Conf 2015Alvaro Sanchez-Mariscal
 
How Does SSL Affect Your Search Engine Optimization
How Does SSL Affect Your Search Engine OptimizationHow Does SSL Affect Your Search Engine Optimization
How Does SSL Affect Your Search Engine OptimizationChristopher Dill
 
Stateless authentication for microservices - Spring I/O 2015
Stateless authentication for microservices - Spring I/O 2015Stateless authentication for microservices - Spring I/O 2015
Stateless authentication for microservices - Spring I/O 2015Alvaro Sanchez-Mariscal
 
Stateless authentication for microservices - Greach 2015
Stateless authentication for microservices - Greach 2015Stateless authentication for microservices - Greach 2015
Stateless authentication for microservices - Greach 2015Alvaro Sanchez-Mariscal
 
Creating Secure Web Apps: What Every Developer Needs to Know About HTTPS Today
Creating Secure Web Apps: What Every Developer Needs to Know About HTTPS TodayCreating Secure Web Apps: What Every Developer Needs to Know About HTTPS Today
Creating Secure Web Apps: What Every Developer Needs to Know About HTTPS TodayHeroku
 
Time to Migrate to HTTPS – The Simple Way to Do It Right, And the Ways That t...
Time to Migrate to HTTPS – The Simple Way to Do It Right, And the Ways That t...Time to Migrate to HTTPS – The Simple Way to Do It Right, And the Ways That t...
Time to Migrate to HTTPS – The Simple Way to Do It Right, And the Ways That t...Click Consult (Part of Ceuta Group)
 
Rails security: above and beyond the defaults
Rails security: above and beyond the defaultsRails security: above and beyond the defaults
Rails security: above and beyond the defaultsMatias Korhonen
 
65% Performance Gains at Cryptocurrency Platform CoinGecko: An Argo Smart Rou...
65% Performance Gains at Cryptocurrency Platform CoinGecko: An Argo Smart Rou...65% Performance Gains at Cryptocurrency Platform CoinGecko: An Argo Smart Rou...
65% Performance Gains at Cryptocurrency Platform CoinGecko: An Argo Smart Rou...Cloudflare
 
WebSocket Perspectives and Vision for the Future - HTML5DevConf Oct 2013 SF
WebSocket Perspectives and Vision for the Future - HTML5DevConf Oct 2013 SFWebSocket Perspectives and Vision for the Future - HTML5DevConf Oct 2013 SF
WebSocket Perspectives and Vision for the Future - HTML5DevConf Oct 2013 SFFrank Greco
 
PWA Roadshow Seoul - HTTPS
PWA Roadshow Seoul - HTTPSPWA Roadshow Seoul - HTTPS
PWA Roadshow Seoul - HTTPSChang W. Doh
 
Hacking Client Side Insecurities
Hacking Client Side InsecuritiesHacking Client Side Insecurities
Hacking Client Side Insecuritiesamiable_indian
 
WordCamp US: Delivering the news over HTTPS
WordCamp US: Delivering the news over HTTPSWordCamp US: Delivering the news over HTTPS
WordCamp US: Delivering the news over HTTPSPaul Schreiber
 
Ghost in the Browser: Broad-Scale Espionage with Bitsquatting
Ghost in the Browser: Broad-Scale Espionage with Bitsquatting Ghost in the Browser: Broad-Scale Espionage with Bitsquatting
Ghost in the Browser: Broad-Scale Espionage with BitsquattingBishop Fox
 

Similar to How to Achieve Cross-Origin Isolation for Enhanced Privacy and Security (20)

Connecting Physical Devices to the Web - Event Driven Architecture using WebS...
Connecting Physical Devices to the Web - Event Driven Architecture using WebS...Connecting Physical Devices to the Web - Event Driven Architecture using WebS...
Connecting Physical Devices to the Web - Event Driven Architecture using WebS...
 
Converting you website to https
Converting you website to httpsConverting you website to https
Converting you website to https
 
SEO benefits | ssl certificate | Learn SEO
SEO benefits | ssl certificate | Learn SEOSEO benefits | ssl certificate | Learn SEO
SEO benefits | ssl certificate | Learn SEO
 
Overview of SSL: choose the option that's right for you
Overview of SSL: choose the option that's right for youOverview of SSL: choose the option that's right for you
Overview of SSL: choose the option that's right for you
 
Geek Guide: Apache Web Servers and SSL Authentication
Geek Guide: Apache Web Servers and SSL AuthenticationGeek Guide: Apache Web Servers and SSL Authentication
Geek Guide: Apache Web Servers and SSL Authentication
 
Android P Security Updates: What You Need to Know
Android P Security Updates: What You Need to KnowAndroid P Security Updates: What You Need to Know
Android P Security Updates: What You Need to Know
 
Stateless authentication for microservices - GR8Conf 2015
Stateless authentication for microservices - GR8Conf 2015Stateless authentication for microservices - GR8Conf 2015
Stateless authentication for microservices - GR8Conf 2015
 
How Does SSL Affect Your Search Engine Optimization
How Does SSL Affect Your Search Engine OptimizationHow Does SSL Affect Your Search Engine Optimization
How Does SSL Affect Your Search Engine Optimization
 
Stateless authentication for microservices - Spring I/O 2015
Stateless authentication for microservices - Spring I/O 2015Stateless authentication for microservices - Spring I/O 2015
Stateless authentication for microservices - Spring I/O 2015
 
Stateless authentication for microservices - Greach 2015
Stateless authentication for microservices - Greach 2015Stateless authentication for microservices - Greach 2015
Stateless authentication for microservices - Greach 2015
 
Creating Secure Web Apps: What Every Developer Needs to Know About HTTPS Today
Creating Secure Web Apps: What Every Developer Needs to Know About HTTPS TodayCreating Secure Web Apps: What Every Developer Needs to Know About HTTPS Today
Creating Secure Web Apps: What Every Developer Needs to Know About HTTPS Today
 
Time to Migrate to HTTPS – The Simple Way to Do It Right, And the Ways That t...
Time to Migrate to HTTPS – The Simple Way to Do It Right, And the Ways That t...Time to Migrate to HTTPS – The Simple Way to Do It Right, And the Ways That t...
Time to Migrate to HTTPS – The Simple Way to Do It Right, And the Ways That t...
 
Rails security: above and beyond the defaults
Rails security: above and beyond the defaultsRails security: above and beyond the defaults
Rails security: above and beyond the defaults
 
65% Performance Gains at Cryptocurrency Platform CoinGecko: An Argo Smart Rou...
65% Performance Gains at Cryptocurrency Platform CoinGecko: An Argo Smart Rou...65% Performance Gains at Cryptocurrency Platform CoinGecko: An Argo Smart Rou...
65% Performance Gains at Cryptocurrency Platform CoinGecko: An Argo Smart Rou...
 
WebSocket Perspectives and Vision for the Future - HTML5DevConf Oct 2013 SF
WebSocket Perspectives and Vision for the Future - HTML5DevConf Oct 2013 SFWebSocket Perspectives and Vision for the Future - HTML5DevConf Oct 2013 SF
WebSocket Perspectives and Vision for the Future - HTML5DevConf Oct 2013 SF
 
PWA Roadshow Seoul - HTTPS
PWA Roadshow Seoul - HTTPSPWA Roadshow Seoul - HTTPS
PWA Roadshow Seoul - HTTPS
 
Hacking Client Side Insecurities
Hacking Client Side InsecuritiesHacking Client Side Insecurities
Hacking Client Side Insecurities
 
WordCamp US: Delivering the news over HTTPS
WordCamp US: Delivering the news over HTTPSWordCamp US: Delivering the news over HTTPS
WordCamp US: Delivering the news over HTTPS
 
Ghost in the Browser: Broad-Scale Espionage with Bitsquatting
Ghost in the Browser: Broad-Scale Espionage with Bitsquatting Ghost in the Browser: Broad-Scale Espionage with Bitsquatting
Ghost in the Browser: Broad-Scale Espionage with Bitsquatting
 
HTTP VS. HTTPS: WHICH IS BETTER??
HTTP VS. HTTPS: WHICH IS BETTER??HTTP VS. HTTPS: WHICH IS BETTER??
HTTP VS. HTTPS: WHICH IS BETTER??
 

Recently uploaded

Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slidevu2urc
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesSinan KOZAK
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationSafe Software
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Servicegiselly40
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slidespraypatel2
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitecturePixlogix Infotech
 
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Alan Dix
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationMichael W. Hawkins
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Igalia
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonAnna Loughnan Colquhoun
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024Rafal Los
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...shyamraj55
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountPuma Security, LLC
 
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024BookNet Canada
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking MenDelhi Call girls
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonetsnaman860154
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 3652toLead Limited
 
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...HostedbyConfluent
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsEnterprise Knowledge
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)Gabriella Davis
 

Recently uploaded (20)

Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen Frames
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slides
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC Architecture
 
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
 
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
 
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 

How to Achieve Cross-Origin Isolation for Enhanced Privacy and Security