Worth Reading

The Browser Security Handbook

The Browser Security Handbook (BSH) is a reference for developers and security experts that covers the security features and mechanisms available in different browsers. The BSH currently covers Internet Explorer 6 and 8, Firefox 2 and 3, Safari, Opera, Chrome and the Android embedded browser.

It's in three sections: the first looks at the basic concepts involved, from URLs and Unicode, to HTML and JavaScript, then it moves on to the security features that browsers implement to prevent abuse or manipulation. This includes detailed explanations of how Same Origin policies are applied to cookies, Flash, XMLHttpRequests and Java, and how it affects developers. The final section looks at legacy and experimental security mechanisms.
Introduction

Hello, and welcome to the Browser Security Handbook!

This document is meant to provide web application developers, browser engineers, and information security researchers with a one-stop reference to key security properties of contemporary web browsers. Insufficient understanding of these often poorly-documented characteristics is a major contributing factor to the prevalence of several classes of security vulnerabilities.

Although all browsers implement roughly the same set of baseline features, there is relatively little standardization - or conformance to standards - when it comes to many of the less apparent implementation details. Furthermore, vendors routinely introduce proprietary tweaks or improvements that may interfere with existing features in non-obvious ways, and seldom provide a detailed discussion of potential problems.

-40hz (December 13, 2008, 11:03 AM)