About the talk
Across the entire web and browser ecosystem there is a move to make things both more secure and more private. Third-party cookies are going away, information is being removed from the user-agent string, browsers are partitioning their storage, and more. At the same time, we still need ways to use third-party services as part of building our sites.
We'll explore how to determine if these changes affect your sites and services along with a selection of best practices to secure your site against threats. Learn how cookies are evolving, alternatives to the user-agent string for client information, keeping control of the resources on your site with Content Security Policy and Permissions Policy, along with implementing cross-site isolation to combat threats like Spectre.
Some of these are techniques you can apply to your site immediately, but others are proposals for how the web platform could work in the future. We'll explore how you can track and contribute to these proposals as we all work towards a safer, more private web.