kevinhakanson.com

cf.Objective() 2014

May 20, 2014 #javascript #encryption #security #conference

Last week I was a speaker at cf.Objective() 2014: The World’s Only Enterprise ColdFusion Conference, giving my Developer’s Guide to JavaScript and Web Cryptography presentation.  It took place May 13-16, 2014 at the Radisson Blu - Mall of America, Bloomington, MN.  Session organizers were looking for more Front-End / Mobile / CSS sessions including js.Objective(), a full track dedicated to JavaScript topics.

When I was there, I caught a couple interesting (and relevant) sessions.

Also, by viewing HTTP headers coming from Google Fonts, I learned about the Timing-Allow-Origin Response header from the Resource Timing spec:

The PerformanceResourceTiming interface exposes timing information for a resource to any web page that has included that resource. To limit the access to the PerformanceResourceTiming interface, the same origin policy is enforced by default and certain attributes are set to zero, as described in Section 4.5 Cross-origin Resources. Resource providers can explicitly allow all timing information to be collected for a resource by adding the Timing-Allow-Origin HTTP response header, which specifies the domains that are allowed to access the timing information.

The full schedule has many more topics with the final slide decks to be available on slideshare soon.