homepage Welcome to WebmasterWorld Guest from 54.197.111.87
register, free tools, login, search, pro membership, help, library, announcements, recent posts, open posts,
Become a Pro Member
Home / Forums Index / Code, Content, and Presentation / HTML
Forum Library, Charter, Moderators: incrediBILL

HTML Forum

    
New Browser Security Handbook from Google Code
tedster




msg:3805819
 5:52 am on Dec 12, 2008 (gmt 0)

Here's a new release from Google Code that I'm really getting into - the online Browser Security Handbook.

This document is meant to provide web application developers, browser engineers, and information security researchers with a one-stop reference to key security properties of contemporary web browsers. Insufficient understanding of these often poorly-documented characteristics is a major contributing factor to the prevalence of several classes of security vulnerabilities.

Although all browsers implement roughly the same set of baseline features, there is relatively little standardization - or conformance to standards - when it comes to many of the less apparent implementation details. Furthermore, vendors routinely introduce proprietary tweaks or improvements that may interfere with existing features in non-obvious ways, and seldom provide a detailed discussion of potential problems.

[code.google.com...]

There are three main sections to the online handbook:
Part 1: Basic concepts behind web browsers
Part 2: Standard browser security features
Part 3: Experimental and legacy security mechanisms

I've never worked on developing a browser, but this is valuable information for me, too, as it clears up a lot of my "black box" thinking.

 

JS_Harris




msg:3805863
 6:24 am on Dec 12, 2008 (gmt 0)

Excellent reading material, thanks tedster.

Reading information like this makes me feel like my friends when they set their browser to disable third party cookies for the first time and they start seeing dozens of cookie requests as they browse. They had no idea how much gets placed on their computer much like I'm about to be saying "I had no idea" while reading that.

vincevincevince




msg:3805879
 7:14 am on Dec 12, 2008 (gmt 0)

Very interesting. I am going to copy & paste some of those tables into a fast-reference sheet.

Global Options:
 top home search open messages active posts  
 

Home / Forums Index / Code, Content, and Presentation / HTML
rss feed

All trademarks and copyrights held by respective owners. Member comments are owned by the poster.
Home ¦ Free Tools ¦ Terms of Service ¦ Privacy Policy ¦ Report Problem ¦ About ¦ Library ¦ Newsletter
WebmasterWorld is a Developer Shed Community owned by Jim Boykin.
© Webmaster World 1996-2014 all rights reserved