Presentation on HTML5 Security, Part-2 - OWASP Hyd 12 August 2012 novogeek (0) In continuation my previous talk on HTML5 Security at OWASP Hyd, I have covered few more interesting concepts at OWASP Hyd August meet. Slides are more or less the same as my previous session but it was more demo driven where I've shown known security problems and secure coding practi... [More]
A note on JSONP & misconceptions of Cross Origin AJAX 18 July 2012 novogeek (0) Web developers who have worked on accessing APIs using JavaScript would be very much familiar with the term “JSONP”. Many web devs whom I have met offline or in online discussion forums seem to have some misconceptions about JSONP. Below are some of the basic & common definitions whi... [More]
HTML5 Sandbox and some notes 25 June 2012 novogeek (0) While building mashups, one of the primary goals is to securely isolate content coming from different origins. Generally, client side mashups are built in one of the two ways-(1) Embedding third party scripts in a web page (2) Loading remote content via iframes. Embedding scripts provides more inter... [More]
Presentation on HTML5 Security-OWASP Hyderabad 22 May 2012 novogeek (0) Happy to say that I had the opportunity to present at OWASP Hyderabad chapter on "HTML5 Security" on 19th May, 2012. The event had awesome audience from diverse backgrounds in security domain-security researchers, penetration testers, security consultants, few developers etc. The talk went for about... [More]
JSFoo Chennai 2012–”JavaScript is mischievous. Handle 3rd party content with care!” 20 February 2012 novogeek (1) It is always exciting to attend a technical conference focusing on a particular theme and even more if you get the opportunity to present. Continuing their good run, HasGeek has organized JsFoo Chennai 2012, India’s first JavaScript conference series, at IIT Madras Research park. There were se... [More]
It is this easy to steal your click!-DevCon 2011 03 October 2011 novogeek (0) A presentation on Clickjacking attacks & defenses [More]
The need for HTML5 postMessage API 27 September 2011 novogeek (0) The postMessage API in HTML5 specification is useful for making cross domain calls across frames. This is typically useful for mashups, Web 2.0 sites (e.g., pageflakes.com) where different widgets might need to communicate with each other. Few developers have already started using HTML5 postMessa... [More]
Create your own web based slide shows in ECMAScript 5 30 June 2011 NovoGeek (1) Web based slide shows (built using HTML, JS, CSS) have always been my choice and I use them most of the times in my presentations. This post explains how you can create your own web based slide show from scratch, using ECMAScript 5 (ES5). In fact, this is the code walkthrough o... [More]
TechEd on the road-new features in ECMAScript 5 22 May 2011 NovoGeek (2) Happy to say that today I have presented at "TechEd on the road", a developer conference at Microsoft Hyderabad, on "JavaScript APIs and enhancements in ECMAScript 5". It is one of the premier tech events, organized by Microsoft User Group Hyderabad (MUGH) with audience in ... [More]
ECMAScript 5 'Strict mode' support in browsers. What does this mean? 25 April 2011 NovoGeek (0) If you are closely following how the web is shaping up lately, you would be thrilled, like me, looking at pace at which things are changing. There are hundreds of things happening on the new HTML5, CSS3, JavaScript front, frequently releasing browser versions and contest for speed, supporting modern... [More]