Page MenuHomePhabricator

Security training session at hackathon for MediaWiki extension developers and gadget authors.
Closed, ResolvedPublic

Description

I'm planning to host a session at the hackathon for web-application security training. It will be especially aimed at MediaWiki extension developers and gadget developers. There will also be a question/answer portion where people can ask any web application security questions they might have. The session will hopefully be interactive, and participants are welcome to ask for specific topics to be covered (As long as it has to do with web application security).

This session will help you how to make your extensions & gadgets secure and what things to watch out for.

rough topics covered (Not final version):

  • What does it mean to be secure
  • Common attacks
    • SQLi (For MW extensions)
    • XSS (Both from a MW extension (PHP) perspective and from a gadget (JS) perspective)
    • Privacy considerations (external images and what not)
    • [Depending on time] CSRF
  • Questions

Event Timeline

Bawolff created this task.May 15 2018, 1:58 AM
Restricted Application added a subscriber: Aklapper. · View Herald TranscriptMay 15 2018, 1:58 AM
0x010C added a subscriber: 0x010C.May 15 2018, 8:50 PM

Hello!
This session is in a room with video recording capabilities. Would you like this session recorded for YouTube / Commons?
Pinging @bcampbell as he will be helping with this.

Yes if possible

Public YouTube stream on MediaWiki channel: https://www.youtube.com/watch?v=1SBPPDr59dw

bcampbell updated the task description. (Show Details)May 18 2018, 7:42 AM
Vvjjkkii renamed this task from Security training session at hackathon for MediaWiki extension developers and gadget authors. to mycaaaaaaa.Jul 1 2018, 1:10 AM
Vvjjkkii triaged this task as High priority.
Vvjjkkii updated the task description. (Show Details)
Vvjjkkii removed a subscriber: Aklapper.
CommunityTechBot renamed this task from mycaaaaaaa to Security training session at hackathon for MediaWiki extension developers and gadget authors..Jul 2 2018, 4:11 PM
CommunityTechBot raised the priority of this task from High to Needs Triage.
CommunityTechBot updated the task description. (Show Details)
CommunityTechBot added a subscriber: Aklapper.
Aklapper closed this task as Resolved.Jul 30 2018, 8:01 AM
Aklapper assigned this task to Bawolff.

@Bawolff: AFAIK this took place, hence closing task as resolved