A word about DOMPurify bypasses a.k.a why DOM parsing is crazy | Sekurak.tv

Описание к видео A word about DOMPurify bypasses a.k.a why DOM parsing is crazy | Sekurak.tv

In this stream Michał Bentkowski (@SecurityMB) will talk about DOMPurify bypasses that happened within the last year. Michał will start with basics about DOM Parsing and serialization gradually moving in into more advanced topics, including differences between document parsing and fragment parsing; as well as namespace switching, explaining how all these things could lead to bypasses of HTML sanitizers.

Комментарии

Информация по комментариям в разработке