by Steve Poole & Graham Charters

How to get along with HATEOAS without letting the bad guys steal your lunch?

It’s a cool idea - decouple the client from the server and let the application tell the client what it can do dynamically. This approach should allow much more flexibility and resilience as the client and server can evolve separately. Unfortunately, the HATEOAS approach can be a free lunch for cybercriminals unless you understand the simple steps needed to secure your design. The question is - how to achieve the balance of design flexibility and security in practice?

This session will show you how to create a secure hypermedia-driven RESTful web service using HATEOAS principles. You’ll learn how HATEOAS works, understand how it can be exploited by the bad guys and discover why HATEOAS is still a really good approach. With code and examples this session will leave you more informed and possibly a little wiser.