The Tangled Web and Its Same Origin Policy
24 April, 2021
15:00 - 16:00 UTC+05:30
In your timezone:
We live in a digital world which is unpredictable therefore we have Pankaj with us to demystify the Tangled Web and Its Same Origin Policy.
Same Origin Policy is the Fundamental Security Model of the web, it’s been very long that I have been struggling around Same Origin Policy and to overcome this struggle, I did some google and went through some books, watched some boring yet fruitful videos and ended up giving this talk. Having a deep understanding of the Same Origin Policy model is important especially if you are a Security Analyst or developer for secure web development. The Same Origin Policy is possibly the most important security control enforced on the web and is also an inconsistently implemented specification which is many of the times explained so vaguely by human minds that it does not make any sense to other Human Minds.
In this talk I will try to make it easy to understand and will keep your brains engaged so that it does not turn into a boring lecture. We will learn about Same Origin Policy with DOM, browser tabs, iframes, importance of SOP and how it is applied to web storage, images, CSS, JS, etc. I will also talk about Same Origin Policy exceptions and ways to get around Same Origin Policy with detailed explanation to post Message API, URI fragment and CORS etc
Speaker: Pankaj Mouriya, Analyst at Appsecco
Date: 24th Apr, 2021
Time: 3pm onwards