Course Description
This course presents the reader with an overview of the quirks and features that make JavaScript such a flexible, powerful, and popular language. The course does not focus specifically on client-side or server-side JavaScript, but instead gives an overview of security features built into the JavaScript language itself, as well as security features provided by browsers and used by JavaScript web applications. The main sections of the course take a deep dive into the most common, most severe, and oldest JavaScript security issue: cross-site scripting. They discuss the different JavaScript execution contexts, dataflow concepts for identifying the issues, and protection mechanisms. Following that, the course covers the clickjacking vulnerability and mitigation methods. The last lesson focuses on managing dependencies in client-side and server-side applications and on tools for identifying vulnerabilities in third-party JavaScript libraries.