Abstract: "With the emergence of HTML5 web applications become more interactive and responsive. Using Web Workers for multithreading and Web SQL for storing data on the client side, HTML5 applications start to resemble desktop applications. But what new attack opportunities do the new technologies bring? How can we exploit Cross-Origin Resource Sharing, Web Messaging, Web Storage and iframe sandboxing? And how do we write secure code that is resilient to these attacks? Several common vulnerabilities will be presented during this talk together with the code examples of how to do things right." The presenter says... The level of difficulty of this talk is 3 and I consider it is suitable for Techies, Any Geek. This is a new talk and it can be filmed and released.