13-15 March 2020

City, University London

Lets check your Drupal8 site is secure from XSS attack or not?


Drupal knowledge is must

Session details

Cross-Site Scripting (XSS) is the most basic security vulnerability surviving in web applications at massive. It has been predicted that nearly 65% of websites are unprotected to an XSS attack in some mode, a statistic which should frighten you as much as it does me. The Drupal community puts a set of awareness of security. Drupal’s security team is the central body that is patronizing with security concerns and observations.

The purpose of this session to share knowledge on XSS, how it impacts on D7 & D8 websites, how to prevent it ^ 

Key takeaways
a) How Cross-site scripting works?
b) How do attackers use of cross-site scripting?
c) How XSS impacts on the website workflow
d) Variations of XSS
e) How Reflected XSS works on D7 & D8 websites?
f)  How Stored XSS works on D7 & D8 websites?
g) How to prevent XSS attack


Target Audience

  • This session is for QA/Test Engineers who want to learn more about Drupal security testing.
  • Backend developers who want to know more about Drupal security, How XSS impacts, prevention steps, how XSS attack to the website.
  • Project Managers and Technical Leads who want to know about what it is, how it is done and how to introduce automated checks in the development process
Session Track




Weekend Keynote Speakers

Kevin Bridges


CxO Keynote Speakers

Michel van Velde

One Shoe, CEO

Nick Rhind

CTI Digital, CEO

Greg Harvey

Code Enigma, Director

Rachel Lawson


Carrie Lacina


Drupal apprentices

The best people to train new developers are developers

The Drupal Apprenticeship Scheme will be running a London intake in March. If you are interested in hiring an apprentice or know someone who would benefit from the scheme please get in touch via the link below.

  • Created and run by experienced developers
  • Teaches core skills and best practice
  • Extensive support for businesses and teams

We are also really keen to hear from people who might be interested in mentoring, training and helping us to develop and review training materials to make sure they stay absolutely current and relevant.

Find out more

Join the Drupal Association

The Drupal Association unites a global open source community to build and promote Drupal.

The Association is a not-for-profit organization that relies on individuals and businesses to fund everything they do for Drupal — from drupal.org to DrupalCon and community programs.

Connect with us and support our mission-driven work.

Support the Drupal Association

Hosting provided by