Defensive Programming for HTML5 Security

Course Description

HTML5 is the fifth revision of the HTML standard. HTML5 and its integration with JavaScript introduce new security risks that you must consider carefully when writing web front-end code. Modern web-based software, including mobile web front-end applications, make heavy use of innovative JavaScript and HTML5 browser support to deliver advanced user experiences. Front-end developers focus their efforts on creating these experiences and are generally not aware of the security implications of the technologies they use.

This course helps web front-end developers understand the risks involved with manipulating the HTML Document Object Model (DOM) and using the advanced features of JavaScript and HTML5 (e.g., cross-origin resource sharing, local storage, and content security policy). In this course, we’ll reinforce some important security aspects of modern browser architecture and present defensive programming techniques that developers can apply immediately to avoid introducing common vulnerabilities. We’ll also provide a detailed description of typical JavaScript sources and sinks and explain how to use them to detect problems in code.

Learning Objectives

  • Recognize that client-side code can introduce security vulnerabilities.
  • Appreciate the HTML5 risk landscape.
  • Apply defensive programming techniques in HTML5.
  • Identify and fix security vulnerabilities in HTML5 code.


Delivery Format: eLearning

Duration: 90 Minutes

Level: Intermediate

Intended Audience:

  • Front-End Developers
  • Mobile Developers 

Competencies: None


Get more course information

250 / 250

More courses you might like