Security/Meetings/Automation/2014-06-24
From MozillaWiki
< Security | Meetings | Automation
Previous Meeting: https://wiki.mozilla.org/Security/Meetings/Automation/2014-06-17 This Meeting: https://wiki.mozilla.org/Security/Meetings/Automation/2014-06-24
Agenda
- Status updates
- Videur: modern web-app protection stack with Nginx-LUA
- Defining a spec file for services => https://github.com/mozilla/videur/blob/master/spec/mig_example.json
- Discussions
- Inspecting endpoints https://github.com/mozilla/videur/issues/4
- Rate limiting https://github.com/mozilla/videur/issues/1
- Inheritance https://github.com/mozilla/videur/issues/5
Status Updates
- ulfr
- mig deployment progress
- psiinon
- at appsec EU
- mgoodwin
- has been working with Psiinon on client-zest recording (in content, at least, it's tricky)
- Is fuzzing stuff (CSP and set-cookie, if you're interested)
- st3fan
- CSP-Tool
- freddy
- busy with non-automation things
- yvan
- Meeting with GSoC students for reviews
- adamm
- django csp nonce middleware