SlideShare a Scribd company logo

How to Achieve Cross-Origin Isolation for Enhanced Privacy and Security

Mark Robin
Mark Robin

Sharing my slides I used during my talk in Web.dev LIVE Cebu. Aug 08, 2020

Technology
1 of 48
GDG Cebu
Web Privacy & Security Recipes Mark Robin Senior Software Engineer Inspire Team GDG Cebu #webdevLIVE
GDG Cebu
https:// GDG Cebu
Protects the integrity of your website HTTPS HTTPS helps prevent intruders from tampering with the communications between your websites and your users' browsers. Protects the privacy & security of your users HTTPS prevents intruders from being able to passively listen to communications between your websites and your users. The future of the web HTTPS is a key component to the permission workflows for new features and updated APIs. GDG Cebu
Protects the privacy & security of your users HTTPS prevents intruders from being able to passively listen to communications between your websites and your users. Protects the integrity of your website HTTPS HTTPS helps prevent intruders from tampering with the communications between your websites and your users' browsers. Protects the privacy & security of your users HTTPS prevents intruders from being able to passively listen to communications between your websites and your users. The future of the web HTTPS is a key component to the permission workflows for new features and updated APIs. GDG Cebu Protects the integrity of your website HTTPS helps prevent intruders from tampering with the communications between your websites and your users' browsers.
Protects the integrity of your website HTTPS HTTPS helps prevent intruders from tampering with the communications between your websites and your users' browsers. Protects the privacy & security of your users HTTPS prevents intruders from being able to passively listen to communications between your websites and your users. The future of the web HTTPS is a key component to the permission workflows for new features and updated APIs. GDG Cebu Protects the privacy & security of your users HTTPS prevents intruders from being able to passively listen to communications between your websites and your users. The future of the web HTTPS is a key component to the permission workflows for new features and updated APIs.
www.iliketoquote.com
Cookie recipes: SameSite and beyond GDG Cebu
Set-Cookie: __Host-cookiename=cookievalue; Secure; Path=/; HttpOnly; SameSite=Lax Set-Cookie: __Host-cookiename=cookievalue; Secure; Path=/; HttpOnly; SameSite=Lax GDG Cebu
Set-Cookie: __Host-cookiename=cookievalue; Secure; Path=/; HttpOnly; SameSite=Lax GDG Cebu
Set-Cookie: __Host-cookiename=cookievalue; Secure; Path=/; HttpOnly; SameSite=Lax GDG Cebu
Set-Cookie: __Host-cookiename=cookievalue; Secure; Path=/; HttpOnly; SameSite=Lax GDG Cebu
Set-Cookie: __Host-cookiename=cookievalue; Secure; Path=/; HttpOnly; SameSite=Lax GDG Cebu
Set-Cookie: __Host-cookiename=cookievalue; Secure; Path=/; HttpOnly; SameSite=Lax GDG Cebu
Set-Cookie: __Host-cookiename=cookievalue; Secure; Path=/; HttpOnly; SameSite=Lax GDG Cebu
Set-Cookie: __Host-cookiename=cookievalue; Secure; Path=/; HttpOnly; SameSite=Lax GDG Cebu
Set-Cookie: __Host-cookiename=cookievalue; Secure; Path=/; HttpOnly; SameSite=Lax GDG Cebu
Set-Cookie: __Host-cookiename=cookievalue; Secure; Path=/; HttpOnly; SameSite=Lax GDG Cebu
Set-Cookie: __Secure-cookiename=cookievalue; Secure; Domain=news.site; Path=/; HttpOnly; SameSite=Lax GDG Cebu
Set-Cookie: __Host-cookiename=cookievalue; Secure; Path=/; HttpOnly; SameSite=Lax; Max-Age=900 GDG Cebu
Set-Cookie: __Host-cookiename=cookievalue; Secure; Path=/; HttpOnly; SameSite=Strict GDG Cebu
Set-Cookie: __Host-cookiename=cookievalue; Secure; Path=/; HttpOnly; SameSite=None GDG Cebu
Set-Cookie: __Host-cookiename=cookievalue; Secure; Path=/; HttpOnly; SameSite=None GDG Cebu
Set-Cookie: first_party=cookievalue; SameSite=Lax Set-Cookie: third_party=cookievalue; SameSite=None; Secure GDG Cebu
COOP: COEP: Cross-Origin-Opener-Policy Cross-Origin-Embedder-Policy GDG Cebu
Powerful Features • SharedArrayBuffer across platforms • performance.measureMemory() • JS Self Profiling API and more to come… GDG Cebu
Composability ● Ads ● Fonts ● Images ● Videos ● Maps ● Payment solutions a.example b.example GDG Cebu
Same-origin Policy a.example b.example Browsing Context Group GDG Cebu
Same-origin Policy Origin A Origin B Explanation of whether Origin A and B are "same-origin" or "cross-origin" https://www.example.com:443 https://www.evil.com:443 cross-origin: different domains https://example.com:443 cross-origin: different subdomains https://login.example.com:443 cross-origin: different subdomains http://www.example.com:443 cross-origin: different schemes https://www.example.com:80 cross-origin: different ports https://www.example.com:443 same-origin: exact match https://www.example.com same-origin: implicit port number (443) matches GDG Cebu
Spectre evil.example Browsing Context Group a.example b.example GDG Cebu
COOP+COEP = cross-origin isolated evil.example a.example b.example GDG Cebu
Enabling cross-origin isolation 1. Set `Cross-Origin-Opener-Policy: same-origin` for the main document. 2. Make sure cross-origin resources use `CORP: cross-origin` or CORS. 3. Set `Cross-Origin-Embedder-Policy: require-corp` for the main document. GDG Cebu
Cross-Origin-Opener-Policy: same-origin COOP COEP CORP CORS GDG Cebu
Confirm cross-origin resources support: COOP COEP CORP CORS • `Cross-Origin-Resource-Policy: cross-origin` header • Cross Origin Resource Sharing `<img src=“image.png” crossorigin>` GDG Cebu
Attention! Resource providers: COOP COEP CORP CORS Apply `Cross-Origin-Resource-Policy: cross-origin` header! GDG Cebu
Cross-Origin-Embedder-Policy: require-corp Resource without `CORP` or CORS will be blocked COOP COEP CORP CORS GDG Cebu
Cross-Origin-Embedder-Policy: require-corp Cross-origin resource with `CORP: cross-origin` can be loaded COOP COEP CORP CORS GDG Cebu
```js if (self.crossOriginIsolated) { // Your page is at "cross-origin isolated" state } ``` GDG Cebu
Chrome DevTools GDG Cebu
GDG Cebu
Issues Tab GDG Cebu
GDG Cebu
GDG Cebu
GDG Cebu
This cover has been designed using resources from Freepik.com Security is always excessive until it’s not enough. Robbie Sinclair
linkedin.com/in/markdrobin github.com/mdrobin95 GDG Cebu giphy.com SOURCE web.dev/secure

Recommended

Integrity protection for third-party JavaScript
Integrity protection for third-party JavaScriptIntegrity protection for third-party JavaScript
Integrity protection for third-party JavaScriptFrancois Marier
 
Integrity protection for third-party JavaScript
Integrity protection for third-party JavaScriptIntegrity protection for third-party JavaScript
Integrity protection for third-party JavaScriptFrancois Marier
 
Security and Privacy on the Web in 2016
Security and Privacy on the Web in 2016Security and Privacy on the Web in 2016
Security and Privacy on the Web in 2016Francois Marier
 
Security and Privacy on the Web in 2015
Security and Privacy on the Web in 2015Security and Privacy on the Web in 2015
Security and Privacy on the Web in 2015Francois Marier
 
Content Security Policy
Content Security PolicyContent Security Policy
Content Security PolicyRyan LaBouve
 
Preventing XSS with Content Security Policy
Preventing XSS with Content Security PolicyPreventing XSS with Content Security Policy
Preventing XSS with Content Security PolicyKsenia Peguero
 
W3C Content Security Policy
W3C Content Security PolicyW3C Content Security Policy
W3C Content Security PolicyMarkus Wichmann
 
Securing Java EE Web Apps
Securing Java EE Web AppsSecuring Java EE Web Apps
Securing Java EE Web AppsFrank Kim
 

Recommended

Integrity protection for third-party JavaScript
Integrity protection for third-party JavaScriptIntegrity protection for third-party JavaScript
Integrity protection for third-party JavaScriptFrancois Marier
 
Integrity protection for third-party JavaScript
Integrity protection for third-party JavaScriptIntegrity protection for third-party JavaScript
Integrity protection for third-party JavaScriptFrancois Marier
 
Security and Privacy on the Web in 2016
Security and Privacy on the Web in 2016Security and Privacy on the Web in 2016
Security and Privacy on the Web in 2016Francois Marier
 
Security and Privacy on the Web in 2015
Security and Privacy on the Web in 2015Security and Privacy on the Web in 2015
Security and Privacy on the Web in 2015Francois Marier
 
Content Security Policy
Content Security PolicyContent Security Policy
Content Security PolicyRyan LaBouve
 
Preventing XSS with Content Security Policy
Preventing XSS with Content Security PolicyPreventing XSS with Content Security Policy
Preventing XSS with Content Security PolicyKsenia Peguero
 
W3C Content Security Policy
W3C Content Security PolicyW3C Content Security Policy
W3C Content Security PolicyMarkus Wichmann
 
Securing Java EE Web Apps
Securing Java EE Web AppsSecuring Java EE Web Apps
Securing Java EE Web AppsFrank Kim
 
Bünyamin Demir - 10 Adımda Yazılım Güvenliği
Bünyamin Demir - 10 Adımda Yazılım GüvenliğiBünyamin Demir - 10 Adımda Yazılım Güvenliği
Bünyamin Demir - 10 Adımda Yazılım GüvenliğiCypSec - Siber Güvenlik Konferansı
 
BrightonSEO
BrightonSEOBrightonSEO
BrightonSEORichard Falconer
 
Content Security Policy - The application security Swiss Army Knife
Content Security Policy - The application security Swiss Army KnifeContent Security Policy - The application security Swiss Army Knife
Content Security Policy - The application security Swiss Army KnifeScott Helme
 
BSides Cleveland: Phishing Forensics - Is it just suspicious or is it malicious?
BSides Cleveland: Phishing Forensics - Is it just suspicious or is it malicious?BSides Cleveland: Phishing Forensics - Is it just suspicious or is it malicious?
BSides Cleveland: Phishing Forensics - Is it just suspicious or is it malicious?CiNPA Security SIG
 
CONFidence 2018: Defense-in-depth techniques for modern web applications and ...
CONFidence 2018: Defense-in-depth techniques for modern web applications and ...CONFidence 2018: Defense-in-depth techniques for modern web applications and ...
CONFidence 2018: Defense-in-depth techniques for modern web applications and ...PROIDEA
 
Techorama 2019 - Azure Security Center Unleashed
Techorama 2019 - Azure Security Center UnleashedTechorama 2019 - Azure Security Center Unleashed
Techorama 2019 - Azure Security Center UnleashedTom Janetscheck
 
Experts Live Norway - Azure Infrastructure Security
Experts Live Norway - Azure Infrastructure SecurityExperts Live Norway - Azure Infrastructure Security
Experts Live Norway - Azure Infrastructure SecurityTom Janetscheck
 
Microsoft Ignite The Tour 2020 - BRK30173 - Identity is the new control plane
Microsoft Ignite The Tour 2020 - BRK30173 - Identity is the new control planeMicrosoft Ignite The Tour 2020 - BRK30173 - Identity is the new control plane
Microsoft Ignite The Tour 2020 - BRK30173 - Identity is the new control planeTom Janetscheck
 
Connecting Physical Devices to the Web - Event Driven Architecture using WebS...
Connecting Physical Devices to the Web - Event Driven Architecture using WebS...Connecting Physical Devices to the Web - Event Driven Architecture using WebS...
Connecting Physical Devices to the Web - Event Driven Architecture using WebS...Peter Moskovits
 
Converting you website to https
Converting you website to httpsConverting you website to https
Converting you website to httpsPeter Salerno
 
SEO benefits | ssl certificate | Learn SEO
SEO benefits | ssl certificate | Learn SEOSEO benefits | ssl certificate | Learn SEO
SEO benefits | ssl certificate | Learn SEOdevbhargav1
 
Overview of SSL: choose the option that's right for you
Overview of SSL: choose the option that's right for youOverview of SSL: choose the option that's right for you
Overview of SSL: choose the option that's right for youCloudflare
 
Geek Guide: Apache Web Servers and SSL Authentication
Geek Guide: Apache Web Servers and SSL AuthenticationGeek Guide: Apache Web Servers and SSL Authentication
Geek Guide: Apache Web Servers and SSL AuthenticationRapidSSLOnline.com
 
Android P Security Updates: What You Need to Know
Android P Security Updates: What You Need to KnowAndroid P Security Updates: What You Need to Know
Android P Security Updates: What You Need to KnowNowSecure
 
Stateless authentication for microservices - GR8Conf 2015
Stateless authentication for microservices - GR8Conf 2015Stateless authentication for microservices - GR8Conf 2015
Stateless authentication for microservices - GR8Conf 2015Alvaro Sanchez-Mariscal
 
How Does SSL Affect Your Search Engine Optimization
How Does SSL Affect Your Search Engine OptimizationHow Does SSL Affect Your Search Engine Optimization
How Does SSL Affect Your Search Engine OptimizationChristopher Dill
 
Stateless authentication for microservices - Spring I/O 2015
Stateless authentication for microservices - Spring I/O 2015Stateless authentication for microservices - Spring I/O 2015
Stateless authentication for microservices - Spring I/O 2015Alvaro Sanchez-Mariscal
 
Stateless authentication for microservices - Greach 2015
Stateless authentication for microservices - Greach 2015Stateless authentication for microservices - Greach 2015
Stateless authentication for microservices - Greach 2015Alvaro Sanchez-Mariscal
 
Creating Secure Web Apps: What Every Developer Needs to Know About HTTPS Today
Creating Secure Web Apps: What Every Developer Needs to Know About HTTPS TodayCreating Secure Web Apps: What Every Developer Needs to Know About HTTPS Today
Creating Secure Web Apps: What Every Developer Needs to Know About HTTPS TodayHeroku
 
Time to Migrate to HTTPS – The Simple Way to Do It Right, And the Ways That t...
Time to Migrate to HTTPS – The Simple Way to Do It Right, And the Ways That t...Time to Migrate to HTTPS – The Simple Way to Do It Right, And the Ways That t...
Time to Migrate to HTTPS – The Simple Way to Do It Right, And the Ways That t...Click Consult (Part of Ceuta Group)
 
Rails security: above and beyond the defaults
Rails security: above and beyond the defaultsRails security: above and beyond the defaults
Rails security: above and beyond the defaultsMatias Korhonen
 
65% Performance Gains at Cryptocurrency Platform CoinGecko: An Argo Smart Rou...
65% Performance Gains at Cryptocurrency Platform CoinGecko: An Argo Smart Rou...65% Performance Gains at Cryptocurrency Platform CoinGecko: An Argo Smart Rou...
65% Performance Gains at Cryptocurrency Platform CoinGecko: An Argo Smart Rou...Cloudflare
 

More Related Content

What's hot

Content Security Policy - The application security Swiss Army Knife
Content Security Policy - The application security Swiss Army KnifeContent Security Policy - The application security Swiss Army Knife
Content Security Policy - The application security Swiss Army KnifeScott Helme
 
BSides Cleveland: Phishing Forensics - Is it just suspicious or is it malicious?
BSides Cleveland: Phishing Forensics - Is it just suspicious or is it malicious?BSides Cleveland: Phishing Forensics - Is it just suspicious or is it malicious?
BSides Cleveland: Phishing Forensics - Is it just suspicious or is it malicious?CiNPA Security SIG
 
CONFidence 2018: Defense-in-depth techniques for modern web applications and ...
CONFidence 2018: Defense-in-depth techniques for modern web applications and ...CONFidence 2018: Defense-in-depth techniques for modern web applications and ...
CONFidence 2018: Defense-in-depth techniques for modern web applications and ...PROIDEA
 
Techorama 2019 - Azure Security Center Unleashed
Techorama 2019 - Azure Security Center UnleashedTechorama 2019 - Azure Security Center Unleashed
Techorama 2019 - Azure Security Center UnleashedTom Janetscheck
 
Experts Live Norway - Azure Infrastructure Security
Experts Live Norway - Azure Infrastructure SecurityExperts Live Norway - Azure Infrastructure Security
Experts Live Norway - Azure Infrastructure SecurityTom Janetscheck
 
Microsoft Ignite The Tour 2020 - BRK30173 - Identity is the new control plane
Microsoft Ignite The Tour 2020 - BRK30173 - Identity is the new control planeMicrosoft Ignite The Tour 2020 - BRK30173 - Identity is the new control plane
Microsoft Ignite The Tour 2020 - BRK30173 - Identity is the new control planeTom Janetscheck
 

What's hot (8)

Bünyamin Demir - 10 Adımda Yazılım Güvenliği
Bünyamin Demir - 10 Adımda Yazılım GüvenliğiBünyamin Demir - 10 Adımda Yazılım Güvenliği
Bünyamin Demir - 10 Adımda Yazılım Güvenliği
 
BrightonSEO
BrightonSEOBrightonSEO
BrightonSEO
 
Content Security Policy - The application security Swiss Army Knife
Content Security Policy - The application security Swiss Army KnifeContent Security Policy - The application security Swiss Army Knife
Content Security Policy - The application security Swiss Army Knife
 
BSides Cleveland: Phishing Forensics - Is it just suspicious or is it malicious?
BSides Cleveland: Phishing Forensics - Is it just suspicious or is it malicious?BSides Cleveland: Phishing Forensics - Is it just suspicious or is it malicious?
BSides Cleveland: Phishing Forensics - Is it just suspicious or is it malicious?
 
CONFidence 2018: Defense-in-depth techniques for modern web applications and ...
CONFidence 2018: Defense-in-depth techniques for modern web applications and ...CONFidence 2018: Defense-in-depth techniques for modern web applications and ...
CONFidence 2018: Defense-in-depth techniques for modern web applications and ...
 
Techorama 2019 - Azure Security Center Unleashed
Techorama 2019 - Azure Security Center UnleashedTechorama 2019 - Azure Security Center Unleashed
Techorama 2019 - Azure Security Center Unleashed
 
Experts Live Norway - Azure Infrastructure Security
Experts Live Norway - Azure Infrastructure SecurityExperts Live Norway - Azure Infrastructure Security
Experts Live Norway - Azure Infrastructure Security
 
Microsoft Ignite The Tour 2020 - BRK30173 - Identity is the new control plane
Microsoft Ignite The Tour 2020 - BRK30173 - Identity is the new control planeMicrosoft Ignite The Tour 2020 - BRK30173 - Identity is the new control plane
Microsoft Ignite The Tour 2020 - BRK30173 - Identity is the new control plane
 

Similar to How to Achieve Cross-Origin Isolation for Enhanced Privacy and Security

Connecting Physical Devices to the Web - Event Driven Architecture using WebS...
Connecting Physical Devices to the Web - Event Driven Architecture using WebS...Connecting Physical Devices to the Web - Event Driven Architecture using WebS...
Connecting Physical Devices to the Web - Event Driven Architecture using WebS...Peter Moskovits
 
Converting you website to https
Converting you website to httpsConverting you website to https
Converting you website to httpsPeter Salerno
 
SEO benefits | ssl certificate | Learn SEO
SEO benefits | ssl certificate | Learn SEOSEO benefits | ssl certificate | Learn SEO
SEO benefits | ssl certificate | Learn SEOdevbhargav1
 
Overview of SSL: choose the option that's right for you
Overview of SSL: choose the option that's right for youOverview of SSL: choose the option that's right for you
Overview of SSL: choose the option that's right for youCloudflare
 
Geek Guide: Apache Web Servers and SSL Authentication
Geek Guide: Apache Web Servers and SSL AuthenticationGeek Guide: Apache Web Servers and SSL Authentication
Geek Guide: Apache Web Servers and SSL AuthenticationRapidSSLOnline.com
 
Android P Security Updates: What You Need to Know
Android P Security Updates: What You Need to KnowAndroid P Security Updates: What You Need to Know
Android P Security Updates: What You Need to KnowNowSecure
 
Stateless authentication for microservices - GR8Conf 2015
Stateless authentication for microservices - GR8Conf 2015Stateless authentication for microservices - GR8Conf 2015
Stateless authentication for microservices - GR8Conf 2015Alvaro Sanchez-Mariscal
 
How Does SSL Affect Your Search Engine Optimization
How Does SSL Affect Your Search Engine OptimizationHow Does SSL Affect Your Search Engine Optimization
How Does SSL Affect Your Search Engine OptimizationChristopher Dill
 
Stateless authentication for microservices - Spring I/O 2015
Stateless authentication for microservices - Spring I/O 2015Stateless authentication for microservices - Spring I/O 2015
Stateless authentication for microservices - Spring I/O 2015Alvaro Sanchez-Mariscal
 
Stateless authentication for microservices - Greach 2015
Stateless authentication for microservices - Greach 2015Stateless authentication for microservices - Greach 2015
Stateless authentication for microservices - Greach 2015Alvaro Sanchez-Mariscal
 
Creating Secure Web Apps: What Every Developer Needs to Know About HTTPS Today
Creating Secure Web Apps: What Every Developer Needs to Know About HTTPS TodayCreating Secure Web Apps: What Every Developer Needs to Know About HTTPS Today
Creating Secure Web Apps: What Every Developer Needs to Know About HTTPS TodayHeroku
 
Time to Migrate to HTTPS – The Simple Way to Do It Right, And the Ways That t...
Time to Migrate to HTTPS – The Simple Way to Do It Right, And the Ways That t...Time to Migrate to HTTPS – The Simple Way to Do It Right, And the Ways That t...
Time to Migrate to HTTPS – The Simple Way to Do It Right, And the Ways That t...Click Consult (Part of Ceuta Group)
 
Rails security: above and beyond the defaults
Rails security: above and beyond the defaultsRails security: above and beyond the defaults
Rails security: above and beyond the defaultsMatias Korhonen
 
65% Performance Gains at Cryptocurrency Platform CoinGecko: An Argo Smart Rou...
65% Performance Gains at Cryptocurrency Platform CoinGecko: An Argo Smart Rou...65% Performance Gains at Cryptocurrency Platform CoinGecko: An Argo Smart Rou...
65% Performance Gains at Cryptocurrency Platform CoinGecko: An Argo Smart Rou...Cloudflare
 
WebSocket Perspectives and Vision for the Future - HTML5DevConf Oct 2013 SF
WebSocket Perspectives and Vision for the Future - HTML5DevConf Oct 2013 SFWebSocket Perspectives and Vision for the Future - HTML5DevConf Oct 2013 SF
WebSocket Perspectives and Vision for the Future - HTML5DevConf Oct 2013 SFFrank Greco
 
PWA Roadshow Seoul - HTTPS
PWA Roadshow Seoul - HTTPSPWA Roadshow Seoul - HTTPS
PWA Roadshow Seoul - HTTPSChang W. Doh
 
Hacking Client Side Insecurities
Hacking Client Side InsecuritiesHacking Client Side Insecurities
Hacking Client Side Insecuritiesamiable_indian
 
WordCamp US: Delivering the news over HTTPS
WordCamp US: Delivering the news over HTTPSWordCamp US: Delivering the news over HTTPS
WordCamp US: Delivering the news over HTTPSPaul Schreiber
 
Ghost in the Browser: Broad-Scale Espionage with Bitsquatting
Ghost in the Browser: Broad-Scale Espionage with Bitsquatting Ghost in the Browser: Broad-Scale Espionage with Bitsquatting
Ghost in the Browser: Broad-Scale Espionage with BitsquattingBishop Fox
 

Similar to How to Achieve Cross-Origin Isolation for Enhanced Privacy and Security (20)

Connecting Physical Devices to the Web - Event Driven Architecture using WebS...
Connecting Physical Devices to the Web - Event Driven Architecture using WebS...Connecting Physical Devices to the Web - Event Driven Architecture using WebS...
Connecting Physical Devices to the Web - Event Driven Architecture using WebS...
 
Converting you website to https
Converting you website to httpsConverting you website to https
Converting you website to https
 
SEO benefits | ssl certificate | Learn SEO
SEO benefits | ssl certificate | Learn SEOSEO benefits | ssl certificate | Learn SEO
SEO benefits | ssl certificate | Learn SEO
 
Overview of SSL: choose the option that's right for you
Overview of SSL: choose the option that's right for youOverview of SSL: choose the option that's right for you
Overview of SSL: choose the option that's right for you
 
Geek Guide: Apache Web Servers and SSL Authentication
Geek Guide: Apache Web Servers and SSL AuthenticationGeek Guide: Apache Web Servers and SSL Authentication
Geek Guide: Apache Web Servers and SSL Authentication
 
Android P Security Updates: What You Need to Know
Android P Security Updates: What You Need to KnowAndroid P Security Updates: What You Need to Know
Android P Security Updates: What You Need to Know
 
Stateless authentication for microservices - GR8Conf 2015
Stateless authentication for microservices - GR8Conf 2015Stateless authentication for microservices - GR8Conf 2015
Stateless authentication for microservices - GR8Conf 2015
 
How Does SSL Affect Your Search Engine Optimization
How Does SSL Affect Your Search Engine OptimizationHow Does SSL Affect Your Search Engine Optimization
How Does SSL Affect Your Search Engine Optimization
 
Stateless authentication for microservices - Spring I/O 2015
Stateless authentication for microservices - Spring I/O 2015Stateless authentication for microservices - Spring I/O 2015
Stateless authentication for microservices - Spring I/O 2015
 
Stateless authentication for microservices - Greach 2015
Stateless authentication for microservices - Greach 2015Stateless authentication for microservices - Greach 2015
Stateless authentication for microservices - Greach 2015
 
Creating Secure Web Apps: What Every Developer Needs to Know About HTTPS Today
Creating Secure Web Apps: What Every Developer Needs to Know About HTTPS TodayCreating Secure Web Apps: What Every Developer Needs to Know About HTTPS Today
Creating Secure Web Apps: What Every Developer Needs to Know About HTTPS Today
 
Time to Migrate to HTTPS – The Simple Way to Do It Right, And the Ways That t...
Time to Migrate to HTTPS – The Simple Way to Do It Right, And the Ways That t...Time to Migrate to HTTPS – The Simple Way to Do It Right, And the Ways That t...
Time to Migrate to HTTPS – The Simple Way to Do It Right, And the Ways That t...
 
Rails security: above and beyond the defaults
Rails security: above and beyond the defaultsRails security: above and beyond the defaults
Rails security: above and beyond the defaults
 
65% Performance Gains at Cryptocurrency Platform CoinGecko: An Argo Smart Rou...
65% Performance Gains at Cryptocurrency Platform CoinGecko: An Argo Smart Rou...65% Performance Gains at Cryptocurrency Platform CoinGecko: An Argo Smart Rou...
65% Performance Gains at Cryptocurrency Platform CoinGecko: An Argo Smart Rou...
 
WebSocket Perspectives and Vision for the Future - HTML5DevConf Oct 2013 SF
WebSocket Perspectives and Vision for the Future - HTML5DevConf Oct 2013 SFWebSocket Perspectives and Vision for the Future - HTML5DevConf Oct 2013 SF
WebSocket Perspectives and Vision for the Future - HTML5DevConf Oct 2013 SF
 
PWA Roadshow Seoul - HTTPS
PWA Roadshow Seoul - HTTPSPWA Roadshow Seoul - HTTPS
PWA Roadshow Seoul - HTTPS
 
Hacking Client Side Insecurities
Hacking Client Side InsecuritiesHacking Client Side Insecurities
Hacking Client Side Insecurities
 
WordCamp US: Delivering the news over HTTPS
WordCamp US: Delivering the news over HTTPSWordCamp US: Delivering the news over HTTPS
WordCamp US: Delivering the news over HTTPS
 
Ghost in the Browser: Broad-Scale Espionage with Bitsquatting
Ghost in the Browser: Broad-Scale Espionage with Bitsquatting Ghost in the Browser: Broad-Scale Espionage with Bitsquatting
Ghost in the Browser: Broad-Scale Espionage with Bitsquatting
 
HTTP VS. HTTPS: WHICH IS BETTER??
HTTP VS. HTTPS: WHICH IS BETTER??HTTP VS. HTTPS: WHICH IS BETTER??
HTTP VS. HTTPS: WHICH IS BETTER??
 

Recently uploaded

Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 3652toLead Limited
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfAlex Barbosa Coqueiro
 
What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024Stephanie Beckett
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):comworks
 
SAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxSAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxNavinnSomaal
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationRidwan Fadjar
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupFlorian Wilhelm
 
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage CostLeverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage CostZilliz
 
Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLDeveloper Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLScyllaDB
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticscarlostorres15106
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Mark Simos
 
My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024The Digital Insurer
 
The Future of Software Development - Devin AI Innovative Approach.pdf
The Future of Software Development - Devin AI Innovative Approach.pdfThe Future of Software Development - Devin AI Innovative Approach.pdf
The Future of Software Development - Devin AI Innovative Approach.pdfSeasiaInfotech2
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Mattias Andersson
 
Commit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyCommit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyAlfredo García Lavilla
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebUiPathCommunity
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubKalema Edgar
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Scott Keck-Warren
 
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks..."LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...Fwdays
 

Recently uploaded (20)

Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdf
 
What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):
 
SAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxSAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptx
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 Presentation
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project Setup
 
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage CostLeverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
 
Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLDeveloper Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQL
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
 
My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024
 
The Future of Software Development - Devin AI Innovative Approach.pdf
The Future of Software Development - Devin AI Innovative Approach.pdfThe Future of Software Development - Devin AI Innovative Approach.pdf
The Future of Software Development - Devin AI Innovative Approach.pdf
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?
 
Commit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyCommit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easy
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio Web
 
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptxE-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding Club
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024
 
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks..."LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
 

How to Achieve Cross-Origin Isolation for Enhanced Privacy and Security