Upgrade to Pro — share decks privately, control downloads, hide ads and more …

XSSのない最高の夏を過ごそう

Sponsored · Ship Features Fearlessly Turn features on and off without deploys. Used by thousands of Ruby developers.
Avatar for Sota Sugiura Sota Sugiura
June 02, 2016
Technology
0
1k

 XSSのない最高の夏を過ごそう

社内勉強会発表資料

Avatar for Sota Sugiura

Sota Sugiura

June 02, 2016
Tweet

More Decks by Sota Sugiura

See All by Sota Sugiura
内製したSlack Appで頑張るIncident Response@Waroom Meetup #1 / Incident Response with Slack App in 10X
Avatar for Sota Sugiura sota1235
0
1.8k
20220926_セキュリティチームの今_for_Drs._Prime_公開用.pdf
Avatar for Sota Sugiura sota1235
0
170
再発防止策を考える技術 / #phpconsen
Avatar for Sota Sugiura sota1235
10
4k
How to choose the best npm module for your team?
Avatar for Sota Sugiura sota1235
9
630
Realtime Database for high traffic production application
Avatar for Sota Sugiura sota1235
7
4.2k
Road to migrate JP Web as a microservice
Avatar for Sota Sugiura sota1235
4
1.7k
インターフェース再入門 / Think Interface again
Avatar for Sota Sugiura sota1235
6
11k
再発防止策を考える技術 #phpconfuk_rej
Avatar for Sota Sugiura sota1235
1
1.3k
Update around Firebase #io18
Avatar for Sota Sugiura sota1235
3
4.4k

Other Decks in Technology

See All in Technology
配列に見る bash と zsh の違い
Avatar for kazzpapa3 kazzpapa3
3
160
Context Engineeringの取り組み
Avatar for nutslove nutslove
0
380
ファインディの横断SREがTakumi byGMOと取り組む、セキュリティと開発スピードの両立
Avatar for adachi.ryo rvirus0817
1
1.6k
Greatest Disaster Hits in Web Performance
Avatar for Estela Franco guaca
0
280
コスト削減から「セキュリティと利便性」を担うプラットフォームへ
Avatar for SansanTech sansantech
PRO
3
1.6k
SchooでVue.js/Nuxtを技術選定している理由
Avatar for Okuto Oyama yamanoku
3
170
Embedded SREの終わりを設計する 「なんとなく」から計画的な自立支援へ
Avatar for SansanTech sansantech
PRO
3
2.6k
30万人の同時アクセスに耐えたい!新サービスの盤石なリリースを支える負荷試験 / SRE Kaigi 2026
Avatar for GENDA genda
4
1.3k
Amazon S3 Vectorsを使って資格勉強用AIエージェントを構築してみた
Avatar for usanchuu usanchuu
4
450
生成AIと余白 〜開発スピードが向上した今、何に向き合う?〜
Avatar for KAKEHASHI kakehashi
PRO
0
120
ブロックテーマ、WordPress でウェブサイトをつくるということ / 2026.02.07 Gifu WordPress Meetup
Avatar for Toro_Unit (Hiroshi Urabe) torounit
0
200
ランサムウェア対策としてのpnpm導入のススメ
Avatar for Satoru Ishikawa ishikawa_satoru
0
220

Featured

See All Featured
Product Roadmaps are Hard
Avatar for C. Todd Lombardo iamctodd
PRO
55
12k
Discover your Explorer Soul
Avatar for Emna emna__ayadi
2
1.1k
The Invisible Side of Design
Avatar for Vitaly Friedman smashingmag
302
51k
Ecommerce SEO: The Keys for Success Now & Beyond - #SERPConf2024
Avatar for Aleyda Solis aleyda
1
1.8k
What the history of the web can teach us about the future of AI
Avatar for Ines Montani inesmontani
PRO
1
430
Prompt Engineering for Job Search
Avatar for Mfonobong Umondia mfonobong
0
160
Measuring & Analyzing Core Web Vitals
Avatar for Philip Tellis bluesmoon
9
760
Distributed Sagas: A Protocol for Coordinating Microservices
Avatar for Caitie McCaffrey caitiem20
333
22k
Have SEOs Ruined the Internet? - User Awareness of SEO in 2025
Avatar for Akash Hashmi akashhashmi
0
270
How to audit for AI Accessibility on your Front & Back End
Avatar for davetheseo davetheseo
0
180
Principles of Awesome APIs and How to Build Them.
Avatar for Keavy McMinn keavy
128
17k
sira's awesome portfolio website redesign presentation
Avatar for ElsiraPls elsirapls
0
150

Transcript

  1. 944ͷͳ͍࠷ߴͷՆΛ աͦ͝͏ !TPUB

  2. ͱ͜ΖͰօ͞Μ

  3. ΋͏͙͢ՆͰ͢ΑͶ

  4. Ն͸ָ͍͜͠ͱ͕͍ͬͺ͍

  5. Ͱ΋ສ͕Ұ944Λग़͢ͱʜ

  6. ো֐ใࠂͨ͠Γ

  7. ࢒ۀͯ͠ରԠͨ͠Γ

  8. ্࢘ʹౖΒΕͨΓ

  9. ͸͖ͬΓݴͬͯπϥΠ

  10. ͯ͜ͱͰ ࠓ೔ͷ໨త

  11. 944ʹ͍ͭͯվΊͯ஌ݟΛਂΊɺ 944ͱແԑͷ࠷ߴͷՆΛաͦ͝͏ʂ

  12. "HFOEB w "CPVU944 w 5IFSJTLPG944 w 5SZ944 w 944$PVOUFSNFBTVSFT

  13. "CPVU944

  14. 944$SPTT4JUF4DSJQUJOH w ೚ҙͷεΫϦϓτ࣮ߦΛڐ༰ͯ͠͠·͏੬ऑੑ w ओઓ৔͸ओʹ8FCϒϥ΢β w ಈత8FCαΠτͷൟӫʹ൐͍ٸ૿ͨ͠੬ऑੑ

  15. 944ͷछྨ w ൓ࣹܕ944 3FqFDUJPO944  w ஝ੵܕ944 4UPSFE944  w

    %PN#BTFE944

  16. 4DFOBSJPPG944ᶃ 944੬ऑੑͷଘࡏ͢Δ αʔό ίϫΠਓ ߈ܸର৅ ᶃ᠘63-Λࡌͤͨ ϝʔϧΛૹ৴ ᶄ᠘63-ʹΞΫηε ᶅ߈ܸεΫϦϓτͷؚ·Εͨ ϦιʔεΛฦ͢

  17. 4DFOBSJPPG944ᶄ 944੬ऑੑͷଘࡏ͢Δ αʔό ίϫΠਓ ߈ܸର৅ %# ᶃ߈ܸεΫϦϓτΛؚΜͩ σʔλΛૹ৴ ᶅϖʔδʹΞΫηε ᶆ߈ܸεΫϦϓτͷؚ·Εͨ

    ϦιʔεΛฦ͢ ᶄσʔλΛߋ৽

  18. 4DFOBSJPTPG944 w 944ͷ୅දతͳγφϦΦΛ঺հ͠·ͨ͠ w ଞʹ΋͍Ζ͍Ζ͋Δ͚Ͳ͍͍ͩͨ͜ͷύλʔϯ w ৄ͘͠͸ʮࠓ͞Βฉ͚ͳ͍944ʯΛͲ͏ͧ

  19. 5IFSJTLPG944

  20. 944ͷϦεΫ 944ͷϦεΫͱ͸ +BWB4DSJQUͰͰ͖Δ͜ͱ͸ͳΜͰ΋Ͱ͖Δ͜ͱ

  21. +BWB4DSJQUͰͰ͖Δ͜ͱ w $PPLJFͷಡΈࠐΈ w ηογϣϯϋΠδϟοΫ w ϖʔδվ᜵ w "KBY௨৴

  22. +BWB4DSJQUͰͰ͖ͳ͍͜ͱ w 1$্ͷϦιʔε΁ͷΞΫηε w αϯυϘοΫε w ྲྀߦΓͷ&MFDUSPO͸͜͜Β΁Μ͕࠷ۙݴٴ͞Ε͸͡Ίͨ w ҟͳΔΦϦδϯ্ͷϦιʔε΁ͷΞΫηε w

    4BNF0SJHJO1PMJDZ w ଞλϒͷଞαΠτͷ৘ใΛ౪·ΕͨΓ͸͠ͳ͍ ϒϥ΢βʹ ੬ऑੑ͕ͳ͚Ε͹

  23. $BTF4UVEZϖʔδվ᜵ w σβΠφʔͷࣗݾ঺հϖʔδͷ഑৭Λ࠷ѱͷηϯ εʹվ᜵

  24. ·͡Ίͳ࿩ w ΋͠944͕ൃੜ͢Δͱ͋ΒΏΔ೚ҙͷίʔυ͕ Ϣʔβʹૹ৴͞ΕΔ͜ͱʹͳΔ w έʔεʹΑͬͯ͸αʔόଆͷϩάʹ࢒Βͣɺ࡯஌ ෆՄೳͳ944΋ଘࡏ͢Δ w 42-ΠϯδΣΫγϣϯ౳ͱൺ΂ΔͱܰΜ͡ΒΕ ͍ͯΔҹ৅

    ओ؍ ͚ͩͲܾͯ͠ແࢹͰ͖ͳ͍

  25. 5SZ944

  26. ࠓ೔ͷϝΠϯίϯςϯπ

  27. ࣮ࡍʹ944Λ୳ͯ͠ΈΑ͏ʂʂ

  28. 5SZ944 w ࣮ࡍʹ944Λ୳ͯ͠ΈΔ w ॳΊͯͷϋϯζΦϯܗࣜͳͷͰ͙ͩͬͨΒεΠ Ϛηϯ w ࣮ࡍʹ͸ͳ͔ͳ͔ى͖ͳ͍944΋͋Γ·͕͢ɺ +BWB4DSJQUͷڍಈͷษڧ΋݉ͶͯͨΓ͢ΔͷͰ ؾʹͤͣύζϧײ֮Ͱ୳͍ͯͩ͘͠͞

  29. IUUQTHJUIVCDPNTPUBYTT@UPVS

  30. 944$PVOUFSNFBTVSFT

  31. )5.-Τεέʔϓ w ಈతʹग़ྗ͢Δจࣈ͸શͯΤεέʔϓ͠·͠ΐ͏ w 63-ͱ͔Կ΋ߟ͑ͣʹͦͷ··ల։͕ͪ͠ w ຊ౰ʹͦΕ͸҆શͰ͔͢ʁޙ͔Βݟͨਓ͸944Λٙ ΘͣʹࡁΉ࣮૷ʹͳͬͯ·͔͢ʁ w αχλΠζͱ͍͏બ୒ΛऔΔͳΒςετέʔεΛॆ

    ࣮ͤ͞Α͏

  32. ϑϩϯτ+4 w ϑϩϯτ+4΋جຊ͸Τεέʔϓ w ΤεέʔϓͤͣʹؤுΒͳ͖Ό͍͚ͳ͍ͷͰ͋Ε͹Կ ͔͠Βͷ7JFXϥΠϒϥϦͷಋೖΛݕ౼͢΂͖ w K2VFSZͰେྔʹ%0.ૢ࡞͞ΕͯΔίʔυͰ944͕ ઈରʹͳ͍ͱݴ͍੾Δࣗ৴͕͋ΔͳΒ͍͍͚Ͳɻɻɻ

  33. ΫοΩʔΛकΔ w ສ͕Ұɺ944͕ൃੜͯ͠΋ΫοΩʔΛकΔ͜ͱ ͕Ͱ͖Δ w $PPLJFϔομʹIUUQ0OMZΛ͚ͭΔͱ EPDVNFOUDPPLJF͕࢖͑ͳ͘ͳΔ w ͜ͷϔομ͸͜Ε͔Βઌڧ੍ͰϚετʹ͍ͨ͠ Ϩϕϧ

  34. )551ϔομΛۦ࢖͢Δ w Ϟμϯϒϥ΢βͰ͋Ε͹$41ϔομͷ࢖༻Λਪ঑ w ΠϯϥΠϯεΫϦϓτͷ࣮ߦΛ཈੍ w େ఍ͷ944͸͜ΕͰ஄͚Δ w *&͸944'JMUFSΛ༗ޮʹ͢Δ w

    ڍಈ͕͍·͍ͪΦʔϓϯͰͳ͍͚Ͳେ఍ͷ944 ͸஄͚ͦ͏ͳงғؾʁ

  35. 944ͷͳ͍࠷ߴͷՆΛա͝͠·͠ΐ͏