Dutch PHP Conference

June 26, 2015

Cross Site Scripting, or short XSS, is a security vulnerability as old as the web. Despite continuous efforts to educate developers to properly escape values before outputting though XSS are still a common problem. To mitigate XSS attacks at the browser level Mozilla developed a new by now W3C standard called Content Security Policy (CSP). This talk will introduce you to the feature set of the CSP, to what degree current browsers already support it and how easy it is to enhance the security of your own web application.

More details

Back in the days the LAMP stack did satisfy the needs of the web, making it the big success we all know. But today's applications more often than not require a scalability, security and performance this classic environment can hardly provide. In this session we will have a look at a modern web stack leveraging state-of-the-art components like nginx, php-fpm, Redis and more.

More details

The goal of all tests is to discover problems as early as possible. Dependening on the context, the same test can be used to answer different questions about the quality of the software under test. The three dimensions of goal, scope, and notation are one approach to categorize tests. Attendees of this session will learn which aspects of an application should be tested and how to efficiently implement these tests so that they are easy to write and fast to execute while delivering highly reliable results.

More details