Defensive Coding for JavaScript and HTML5


Overview/Description
Target Audience
Prerequisites
Expected Duration
Lesson Objectives
Course Number
Expertise Level


Overview/Description
Defensive Programming is a methodology for writing code that is not prone to present or future errors potentially caused by unexpected user inputs or actions. In this course, you will explore potential risks in web applications and use JavaScript defensive techniques to prevent everything from Document Object Model or DOM manipulation to ensuring proper encoding. You'll also learn about JavaScript Object Notation and how to secure it, as well as how to apply defensive coding to HTML5.

Target Audience
Developers seeking an introductory guide to developing efficient, secure applications that are defendable against a variety of issues

Prerequisites
None

Expected Duration (hours)
1.2

Lesson Objectives

Defensive Coding for JavaScript and HTML5

  • start the course
  • list potential Document Object Model or DOM risks to JavaScript and HTML5 applications
  • describe the risks associated with cross-site scripting and cross-site request forgery
  • identify what Document Object Model or DOM-based Cross-Site Scripting or XSS is and illustrate the form an attack might take in JavaScript
  • describe what social jacking is and identify what things users need to be on the lookout for
  • list potential information and trust issues that would affect JavaScript and HTML5 applications
  • demonstrate how to prevent Document Object Model or DOM manipulation in JavaScript
  • describe common risks associated with third-party application program interfaces or APIs
  • demonstrate how to prevent page manipulation in JavaScript through cascading style sheets or CSS
  • identify the best practices for dealing with client input in a JavaScript HTML5 application
  • troubleshoot potential risks associated with browser plugins
  • demonstrate how to counteract risks by running JavaScript in a sandbox
  • compare Scalable Vector Graphics or SVG exploits and how to use JavaScript to prevent them
  • describe how to secure JavaScript code in your applications
  • describe the key features of JavaScript Object Notation
  • list the key risks of using JavaScript Object Notation
  • perform input validation on JavaScript Object Notation or JSON data
  • use the eval method to convert JavaScript Object Notation or JSON data into a JavaScript object
  • describe how to implement a cross-origin resource sharing policy in HTML5
  • demonstrate the most secure ways to include media in HTML5 pages
  • describe secure practices for using HTML5 Web Workers
  • distinguish some of the key ways to secure HTML5 applications
  • use defensive coding techniques to create a secure JavaScript and HTML5 Application

    • Course Number:
    sd_dpjh_a02_it_enus

    Expertise Level
    Intermediate