Tomorrow marks Atlanta PHP’s fourth consecutive, regular meeting at New Horizons in Tucker, GA. Originally, Matt Kern was slated to present a talk on Ajax, but he is now gearing up to move to Oregon, so he is not able to prepare his presentation. Thus, I have taken up the reigns again, and I will be presenting a talk that I’m preparing for some of the fall conferences (in the event that my proposals are selected).
The talk I’m presenting was actually inspired by several questions asked during my presentation at the last Atlanta PHP meeting, in which I briefly covered cross-site scripting (XSS) and cross-site request forgeries (CSRF) but went on to describe server configuration instead of a more in-depth discussion on XSS and CSRF. This talk goes into more detail where the other left off and approaches these attacks from the application (code) level.
XSS and CSRF: Programmers Prepare, Users Beware
Cross-site scripting (XSS) and cross-site request forgeries (CSRF) are often confused as being one and the same, but this misconception can lead to disastrous results. In this talk, you will encounter each of these attacks through examples and learn to distinguish between them. You will also examine secure coding practices and techniques for prevention.
So, if you’re in the Atlanta area tomorrow, come on out and join Atlanta PHP at 7:00 PM EDT at New Horizons in Tucker.
Looking forward, our August and September meetings are already shaping up and the topics are very promising. We’ll discuss what’s in the forecast at our meeting tomorrow.