NDC for Community: XSS, CSRF, CSP, JWT, WTF?¯\_(ツ)_/¯ + Observer/Observable APIs

We have really nice traditions in our community! One of these - we meet the evening before NDC for listening to speakers from the conference. Same venue as NDC has, best-of-the-best speakers from NDC. Welcome!

==========================

The event is free for Angular Oslo meetup members. The only obligatory thing you need to do (in addition to setting RSVP) is getting your free ticket here (it will take 30 sec):
https://ndcoslo.com/page/ndc-community-tuesday/

Please note: there will be 5 different local meetups (Angular Oslo, Mobile Meetup, NNUG, C++ User Group and Framsia) going in parallel in Oslo Spektrum that evening. You need to register only once to attend any of them.

We are working on inviting the best NDC speakers to speak at our event, the program will be announced soon. Meanwhile, please reserve your seat.

==========================

17:00 - 17:30
Snacks from NDC and mingling

17:30 - 18:15
XSS, CSRF, CSP, JWT, WTF? IDK ¯_(ツ)_/¯
by Dominik Kundel, Developer Evangelist at Twilio (Berlin)

Robert'); DROP TABLE Students;-- The little Bobby Tables is embodying the classical fear of SQL injections when building web applications.

However, SQL injections are just one aspect of security we need to worry about when building web applications. With the recent popularity of Angular, React and other Single Page Application frameworks we got more logic executing on the front-end, create new problems, and make you forget about others.

In this talk you will learn about XSS, CSRF, CORS, JWT, HTTPS, SPAs, REST APIs and other weird abbreviations, how to protect yourself and your users from the new generation of Bobby Tables.

18:15 - 18:30
Break

18:30 - 19:15
Watch your back, Browser! You're being observed
by Stefan Judis, Developer Relations at Contentful (Berlin)

Web development can be tough. DOM APIs are known to be inconvenient, and we often build the same things over and over again. Thanks to rolling releases by browser vendors this changed. Development of the web as a platform has sped up like never before. New APIs land in browsers with every release allowing for "reactive programming" through new Observer and Observable APIs.

Looking for a way to detect DOM changes to update a different part of the page? MutationObserver got you covered. Want to get notified when elements enter the viewport to load assets? IntersectionObserver is your friend. Are you dealing with sequences of events over time and want to save yourself some headaches? Observables will make your life way easier.

During this talk we'll cover the use cases of Observer/Observable APIs, go over implementation details, and cover everything you need to know to use them in production.

==========================

About the speakers:

Stefan Judis
Twitter @stefanjudis

Stefan started programming 7 years ago and quickly fell in love with web performance, new technologies, and accessibility. He worked for several startups in Berlin and recently joined Contentful to tell the world how an API-first CMS can make you a bit happier. He is also a curator of the web performance online resource Perf Tooling, organizer of the Web Performance Meetup Berlin, contributes to a variety of open source projects and enjoys sharing nerdy discoveries.

Dominik Kundel
Twitter @dkundel

Dominik is a Developer Evangelist for Twilio in Berlin. He has a passion for JavaScript, hackathons, teaching and good whiskey. You will usually find him speaking at meetups and conferences, mentoring at hackathons and CoderDojos or work on open source projects.

==========================

Please, do not forget to get a free ticket here:
https://ndcoslo.com/page/ndc-community-tuesday/

==========================

See you at Spektrum!