Mastodawn

Lukas Weichselbaum Feb 7, 2025

Building secure web apps shouldn't be a burden. We've built a high-assurance web framework at Google that makes security easy for developers. Learn about our "Secure by Design" approach and how it works in our new blog post:

https://bughunters.google.com/blog/6644316274294784/secure-by-design-google-s-blueprint-for-a-high-assurance-web-framework

cc: @ddworken

Blog: Secure by Design: Google's Blueprint for a High-Assurance Web Framework

Learn more about how Google has created and deployed a high-assurance web framework that almost completely eliminates exploitable web vulnerabilities.

Lukas Weichselbaum Nov 18, 2024

I put together a bluesky starter pack with amazing web security folks like @terjanq, @SheHacksPurple, @gaz and many more: http://go.bsky.app/Uf8dZhz

Please share, join, or comment if know someone who should be on that list

Web security

Join the conversation

Bluesky Social

Lukas Weichselbaum Jan 16, 2023

Very exciting! Safari TP 161* has added support for Fetch Metadata request headers! Once support lands in Safari stable, Fetch Metadata will be supported in *all* major browser engines allowing some really interesting defences: https://web.dev/fetch-metadata

*https://webkit.org/blog/13686/release-notes-for-safari-technology-preview-161/

Protect your resources from web attacks with Fetch Metadata

Fetch Metadata is a new web platform feature designed to allow servers to protect themselves from cross-origin attacks.

web.dev

Website 🕸️	https://webappsec.dev
Google I/O 🎙️	https://speakerdeck.com/lweichselbaum/o-19-securing-web-apps-with-modern-platform-features
web.dev ✍️	https://web.dev/authors/lwe/
Bluesky 🦋	https://bsky.app/profile/webappsec.dev
Twitter :twitter:	https://twitter.com/we1x