Generating a static web app using Git and securing it using OWASP

Created by Shrimadhav U K / @SpEcHiDe

Continuous Integration (CI)

  • .travis-ci.yml
  • .gitlab-ci.yml

Why?

  • Reduces server response time, and hence the cost of maintenance.
  • Git{Lab,Hub} Pages is suited for deploying static web applications, for free.
  • But, people tend to use "this" as a file sharing service, wherein they just upload the required static files, without any consideration for the Version Control part of Git.

Why?

  • In this workshop, you might learn that,
    • You should not "add" all files to the version control system.
    • Try to use "meta-data" to get the machine to guess what is needed. (HINT: Package Managers ;-))
    • Make a proper directory structure for your version controlled repository, so that other people can help you in improving your web application.

How?

  1. Simple Web Generators
  2. Static Content Management Systems

JavaScript Best Practices

  • use legible code
  • avoid (un)necessary code
  • software abstractions
  • documentation, a.k.a. comments
  • do not mix "dev" with "prod"

Hands on Testing

OWASP

Get your Hands dirty!

THE END
