Upgrade to Pro — share decks privately, control downloads, hide ads and more …

XSSのない最高の夏を過ごそう

Sponsored · Ship Features Fearlessly Turn features on and off without deploys. Used by thousands of Ruby developers.
Avatar for Sota Sugiura Sota Sugiura
June 02, 2016
Technology
1k
0

 XSSのない最高の夏を過ごそう

社内勉強会発表資料

Avatar for Sota Sugiura

Sota Sugiura

June 02, 2016

More Decks by Sota Sugiura

See All by Sota Sugiura
内製したSlack Appで頑張るIncident Response@Waroom Meetup #1 / Incident Response with Slack App in 10X
Avatar for Sota Sugiura sota1235
0
1.9k
20220926_セキュリティチームの今_for_Drs._Prime_公開用.pdf
Avatar for Sota Sugiura sota1235
0
190
再発防止策を考える技術 / #phpconsen
Avatar for Sota Sugiura sota1235
10
4.1k
How to choose the best npm module for your team?
Avatar for Sota Sugiura sota1235
9
650
Realtime Database for high traffic production application
Avatar for Sota Sugiura sota1235
7
4.3k
Road to migrate JP Web as a microservice
Avatar for Sota Sugiura sota1235
4
1.7k
インターフェース再入門 / Think Interface again
Avatar for Sota Sugiura sota1235
6
11k
再発防止策を考える技術 #phpconfuk_rej
Avatar for Sota Sugiura sota1235
1
1.4k
Update around Firebase #io18
Avatar for Sota Sugiura sota1235
3
4.4k

Other Decks in Technology

See All in Technology
スクラムの中で AI-DLC workflow を 使い始めて3ヶ月の振り返り
Avatar for 株式会社カミナシ kaminashi
0
110
20260423_執筆の工夫と裏側 技術書の企画から刊行まで / From the planning to the publication of technical book
Avatar for nash_efp nash_efp
3
420
CloudTrail を見つめ直してみる
Avatar for kazzpapa3 kazzpapa3
1
110
目的ファーストのハーネス設計 ~ハーネスの変更容易性を高めるための優先順位~
Avatar for Gota gotalab555
8
2.3k
Cortex Codeのコスト見積ヒントご紹介
Avatar for Yosuke Katsuki yokatsuki
0
100
エージェントスキルを作って自分のインプットに役立てよう
Avatar for Yuta Matsumura tsubakimoto_s
0
430
Oracle AI Database@AWS:サービス概要のご紹介
Avatar for oracle4engineer oracle4engineer
PRO
4
2.4k
EBS暗号化に失敗してEC2が動かなくなった話
Avatar for Moe Hamaguchi hamaguchimmm
2
210
弁護士ドットコム株式会社 エンジニア職向け 会社紹介資料
Avatar for 弁護士ドットコム bengo4com
1
180
AndroidアプリとCopilot Studioの統合
Avatar for なかしょ nakasho
0
120
Revisiting [CLS] and Patch Token Interaction in Vision Transformers
Avatar for yu4u yu4u
0
390
ServiceNow Knowledge 26 の歩き方
Avatar for ServiceNow Japan Meetup manarobot
0
140

Featured

See All Featured
Data-driven link building: lessons from a $708K investment (BrightonSEO talk)
Avatar for Szymon Słowik szymonslowik
1
1k
Balancing Empowerment & Direction
Avatar for Lara Hogan lara
6
1.1k
The Psychology of Web Performance [Beyond Tellerrand 2023]
Avatar for Tammy Everts tammyeverts
49
3.4k
Performance Is Good for Brains [We Love Speed 2024]
Avatar for Tammy Everts tammyeverts
12
1.6k
Beyond borders and beyond the search box: How to win the global "messy middle" with AI-driven SEO
Avatar for David Carrasco davidcarrasco
3
110
Exploring the Power of Turbo Streams & Action Cable | RailsConf2023
Avatar for Kevin Liebholz kevinliebholz
37
6.4k
Reality Check: Gamification 10 Years Later
Avatar for Sebastian Deterding codingconduct
0
2.1k
How to optimise 3,500 product descriptions for ecommerce in one day using ChatGPT
Avatar for Katarina Dahlin katarinadahlin
PRO
1
3.5k
Optimizing for Happiness
Avatar for Tom Preston-Werner mojombo
378
71k
DevOps and Value Stream Thinking: Enabling flow, efficiency and business value
Avatar for Helen Beal helenjbeal
1
170
Have SEOs Ruined the Internet? - User Awareness of SEO in 2025
Avatar for Akash Hashmi akashhashmi
0
320
The Limits of Empathy - UXLibs8
Avatar for Cassini Nazir cassininazir
1
310

Transcript

  1. 944ͷͳ͍࠷ߴͷՆΛ աͦ͝͏ !TPUB

  2. ͱ͜ΖͰօ͞Μ

  3. ΋͏͙͢ՆͰ͢ΑͶ

  4. Ն͸ָ͍͜͠ͱ͕͍ͬͺ͍

  5. Ͱ΋ສ͕Ұ944Λग़͢ͱʜ

  6. ো֐ใࠂͨ͠Γ

  7. ࢒ۀͯ͠ରԠͨ͠Γ

  8. ্࢘ʹౖΒΕͨΓ

  9. ͸͖ͬΓݴͬͯπϥΠ

  10. ͯ͜ͱͰ ࠓ೔ͷ໨త

  11. 944ʹ͍ͭͯվΊͯ஌ݟΛਂΊɺ 944ͱແԑͷ࠷ߴͷՆΛաͦ͝͏ʂ

  12. "HFOEB w "CPVU944 w 5IFSJTLPG944 w 5SZ944 w 944$PVOUFSNFBTVSFT

  13. "CPVU944

  14. 944$SPTT4JUF4DSJQUJOH w ೚ҙͷεΫϦϓτ࣮ߦΛڐ༰ͯ͠͠·͏੬ऑੑ w ओઓ৔͸ओʹ8FCϒϥ΢β w ಈత8FCαΠτͷൟӫʹ൐͍ٸ૿ͨ͠੬ऑੑ

  15. 944ͷछྨ w ൓ࣹܕ944 3FqFDUJPO944  w ஝ੵܕ944 4UPSFE944  w

    %PN#BTFE944

  16. 4DFOBSJPPG944ᶃ 944੬ऑੑͷଘࡏ͢Δ αʔό ίϫΠਓ ߈ܸର৅ ᶃ᠘63-Λࡌͤͨ ϝʔϧΛૹ৴ ᶄ᠘63-ʹΞΫηε ᶅ߈ܸεΫϦϓτͷؚ·Εͨ ϦιʔεΛฦ͢

  17. 4DFOBSJPPG944ᶄ 944੬ऑੑͷଘࡏ͢Δ αʔό ίϫΠਓ ߈ܸର৅ %# ᶃ߈ܸεΫϦϓτΛؚΜͩ σʔλΛૹ৴ ᶅϖʔδʹΞΫηε ᶆ߈ܸεΫϦϓτͷؚ·Εͨ

    ϦιʔεΛฦ͢ ᶄσʔλΛߋ৽

  18. 4DFOBSJPTPG944 w 944ͷ୅දతͳγφϦΦΛ঺հ͠·ͨ͠ w ଞʹ΋͍Ζ͍Ζ͋Δ͚Ͳ͍͍ͩͨ͜ͷύλʔϯ w ৄ͘͠͸ʮࠓ͞Βฉ͚ͳ͍944ʯΛͲ͏ͧ

  19. 5IFSJTLPG944

  20. 944ͷϦεΫ 944ͷϦεΫͱ͸ +BWB4DSJQUͰͰ͖Δ͜ͱ͸ͳΜͰ΋Ͱ͖Δ͜ͱ

  21. +BWB4DSJQUͰͰ͖Δ͜ͱ w $PPLJFͷಡΈࠐΈ w ηογϣϯϋΠδϟοΫ w ϖʔδվ᜵ w "KBY௨৴

  22. +BWB4DSJQUͰͰ͖ͳ͍͜ͱ w 1$্ͷϦιʔε΁ͷΞΫηε w αϯυϘοΫε w ྲྀߦΓͷ&MFDUSPO͸͜͜Β΁Μ͕࠷ۙݴٴ͞Ε͸͡Ίͨ w ҟͳΔΦϦδϯ্ͷϦιʔε΁ͷΞΫηε w

    4BNF0SJHJO1PMJDZ w ଞλϒͷଞαΠτͷ৘ใΛ౪·ΕͨΓ͸͠ͳ͍ ϒϥ΢βʹ ੬ऑੑ͕ͳ͚Ε͹

  23. $BTF4UVEZϖʔδվ᜵ w σβΠφʔͷࣗݾ঺հϖʔδͷ഑৭Λ࠷ѱͷηϯ εʹվ᜵

  24. ·͡Ίͳ࿩ w ΋͠944͕ൃੜ͢Δͱ͋ΒΏΔ೚ҙͷίʔυ͕ Ϣʔβʹૹ৴͞ΕΔ͜ͱʹͳΔ w έʔεʹΑͬͯ͸αʔόଆͷϩάʹ࢒Βͣɺ࡯஌ ෆՄೳͳ944΋ଘࡏ͢Δ w 42-ΠϯδΣΫγϣϯ౳ͱൺ΂ΔͱܰΜ͡ΒΕ ͍ͯΔҹ৅

    ओ؍ ͚ͩͲܾͯ͠ແࢹͰ͖ͳ͍

  25. 5SZ944

  26. ࠓ೔ͷϝΠϯίϯςϯπ

  27. ࣮ࡍʹ944Λ୳ͯ͠ΈΑ͏ʂʂ

  28. 5SZ944 w ࣮ࡍʹ944Λ୳ͯ͠ΈΔ w ॳΊͯͷϋϯζΦϯܗࣜͳͷͰ͙ͩͬͨΒεΠ Ϛηϯ w ࣮ࡍʹ͸ͳ͔ͳ͔ى͖ͳ͍944΋͋Γ·͕͢ɺ +BWB4DSJQUͷڍಈͷษڧ΋݉ͶͯͨΓ͢ΔͷͰ ؾʹͤͣύζϧײ֮Ͱ୳͍ͯͩ͘͠͞

  29. IUUQTHJUIVCDPNTPUBYTT@UPVS

  30. 944$PVOUFSNFBTVSFT

  31. )5.-Τεέʔϓ w ಈతʹग़ྗ͢Δจࣈ͸શͯΤεέʔϓ͠·͠ΐ͏ w 63-ͱ͔Կ΋ߟ͑ͣʹͦͷ··ల։͕ͪ͠ w ຊ౰ʹͦΕ͸҆શͰ͔͢ʁޙ͔Βݟͨਓ͸944Λٙ ΘͣʹࡁΉ࣮૷ʹͳͬͯ·͔͢ʁ w αχλΠζͱ͍͏બ୒ΛऔΔͳΒςετέʔεΛॆ

    ࣮ͤ͞Α͏

  32. ϑϩϯτ+4 w ϑϩϯτ+4΋جຊ͸Τεέʔϓ w ΤεέʔϓͤͣʹؤுΒͳ͖Ό͍͚ͳ͍ͷͰ͋Ε͹Կ ͔͠Βͷ7JFXϥΠϒϥϦͷಋೖΛݕ౼͢΂͖ w K2VFSZͰେྔʹ%0.ૢ࡞͞ΕͯΔίʔυͰ944͕ ઈରʹͳ͍ͱݴ͍੾Δࣗ৴͕͋ΔͳΒ͍͍͚Ͳɻɻɻ

  33. ΫοΩʔΛकΔ w ສ͕Ұɺ944͕ൃੜͯ͠΋ΫοΩʔΛकΔ͜ͱ ͕Ͱ͖Δ w $PPLJFϔομʹIUUQ0OMZΛ͚ͭΔͱ EPDVNFOUDPPLJF͕࢖͑ͳ͘ͳΔ w ͜ͷϔομ͸͜Ε͔Βઌڧ੍ͰϚετʹ͍ͨ͠ Ϩϕϧ

  34. )551ϔομΛۦ࢖͢Δ w Ϟμϯϒϥ΢βͰ͋Ε͹$41ϔομͷ࢖༻Λਪ঑ w ΠϯϥΠϯεΫϦϓτͷ࣮ߦΛ཈੍ w େ఍ͷ944͸͜ΕͰ஄͚Δ w *&͸944'JMUFSΛ༗ޮʹ͢Δ w

    ڍಈ͕͍·͍ͪΦʔϓϯͰͳ͍͚Ͳେ఍ͷ944 ͸஄͚ͦ͏ͳงғؾʁ

  35. 944ͷͳ͍࠷ߴͷՆΛա͝͠·͠ΐ͏