Index
The Tangled Web
PRAISE FOR THE TANGLED WEB
PRAISE FOR SILENCE ON THE WIRE BY MICHAL ZALEWSKI
Preface
Acknowledgments
1. Security in the World of Web Applications
Information Security in a Nutshell
Flirting with Formal Solutions
Enter Risk Management
Enlightenment Through Taxonomy
Toward Practical Approaches
A Brief History of the Web
Tales of the Stone Age: 1945 to 1994
The First Browser Wars: 1995 to 1999
The Boring Period: 2000 to 2003
Web 2.0 and the Second Browser Wars: 2004 and Beyond
The Evolution of a Threat
The User as a Security Flaw
The Cloud, or the Joys of Communal Living
Nonconvergence of Visions
Cross-Browser Interactions: Synergy in Failure
The Breakdown of the Client-Server Divide
Global browser market share, May 2011
I. Anatomy of the Web
2. It Starts with a URL
Uniform Resource Locator Structure
Scheme Name
Indicator of a Hierarchical URL
Credentials to Access the Resource
Server Address
Server Port
Hierarchical File Path
Query String
Fragment ID
Putting It All Together Again
Reserved Characters and Percent Encoding
Handling of Non-US-ASCII Text
Common URL Schemes and Their Function
Browser-Supported, Document-Fetching Protocols
Protocols Claimed by Third-Party Applications and Plug-ins
Nonencapsulating Pseudo-Protocols
Encapsulating Pseudo-Protocols
Closing Note on Scheme Detection
Resolution of Relative URLs
3. Hypertext Transfer Protocol
Basic Syntax of HTTP Traffic
The Consequences of Supporting HTTP/0.9
Newline Handling Quirks
Proxy Requests
Resolution of Duplicate or Conflicting Headers
Semicolon-Delimited Header Values
Header Character Set and Encoding Schemes
Referer Header Behavior
HTTP Request Types
GET
POST
HEAD
OPTIONS
PUT
DELETE
TRACE
CONNECT
Other HTTP Methods
Server Response Codes
200-299: Success
300-399: Redirection and Other Status Messages
400-499: Client-Side Error
500-599: Server-Side Error
Consistency of HTTP Code Signaling
Keepalive Sessions
Chunked Data Transfers
Caching Behavior
HTTP Cookie Semantics
HTTP Authentication
Protocol-Level Encryption and Client Certificates
Extended Validation Certificates
Error-Handling Rules
4. Hypertext Markup Language
Basic Concepts Behind HTML Documents
Document Parsing Modes
The Battle over Semantics
Understanding HTML Parser Behavior
Interactions Between Multiple Tags
Explicit and Implicit Conditionals
HTML Parsing Survival Tips
Entity Encoding
HTTP/HTML Integration Semantics
Hyperlinking and Content Inclusion
Plain Links
Forms and Form-Triggered Requests
Frames
Type-Specific Content Inclusion
A Note on Cross-Site Request Forgery
5. Cascading Style Sheets
Basic CSS Syntax
Property Definitions
@ Directives and XBL Bindings
Interactions with HTML
Parser Resynchronization Risks
Character Encoding
6. Browser-Side Scripts
Basic Characteristics of JavaScript
Script Processing Model
Parsing
Function Resolution
Code Execution
Execution Ordering Control
Code and Object Inspection Capabilities
Modifying the Runtime Environment
Overriding Built-Ins
Setters and Getters
Impact on Potential Uses of the Language
JavaScript Object Notation and Other Data Serializations
E4X and Other Syntax Extensions
Standard Object Hierarchy
The Document Object Model
Access to Other Documents
Script Character Encoding
Code Inclusion Modes and Nesting Risks
The Living Dead: Visual Basic
7. Non-HTML Document Types
Plaintext Files
Bitmap Images
Audio and Video
XML-Based Documents
Generic XML View
Scalable Vector Graphics
Mathematical Markup Language
XML User Interface Language
Wireless Markup Language
RSS and Atom Feeds
A Note on Nonrenderable File Types
8. Content Rendering with Browser Plug-ins
Invoking a Plug-in
The Perils of Plug-in Content-Type Handling
Document Rendering Helpers
Plug-in-Based Application Frameworks
Adobe Flash
Properties of ActionScript
Microsoft Silverlight
Sun Java
XML Browser Applications (XBAP)
ActiveX Controls
Living with Other Plug-ins
II. Browser Security Features
9. Content Isolation Logic
Same-Origin Policy for the Document Object Model
document.domain
postMessage(...)
Interactions with Browser Credentials
Same-Origin Policy for XMLHttpRequest
Same-Origin Policy for Web Storage
Security Policy for Cookies
Impact of Cookies on the Same-Origin Policy
Problems with Domain Restrictions
The Unusual Danger of “localhost”
Cookies and “Legitimate” DNS Hijacking
Plug-in Security Rules
Adobe Flash
Markup-Level Security Controls
Security.allowDomain(...)
Cross-Domain Policy Files
Policy File Spoofing Risks
Microsoft Silverlight
Java
Coping with Ambiguous or Unexpected Origins
IP Addresses
Hostnames with Extra Periods
Non-Fully Qualified Hostnames
Local Files
Pseudo-URLs
Browser Extensions and UI
Other Uses of Origins
10. Origin Inheritance
Origin Inheritance for about:blank
Inheritance for data: URLs
Inheritance for javascript: and vbscript: URLs
A Note on Restricted Pseudo-URLs
11. Life Outside Same-Origin Rules
Window and Frame Interactions
Changing the Location of Existing Documents
Frame Hijacking Risks
Frame Descendant Policy and Cross-Domain Communications
Unsolicited Framing
Beyond the Threat of a Single Click
Cross-Domain Content Inclusion
A Note on Cross-Origin Subresources
Privacy-Related Side Channels
Other SOP Loopholes and Their Uses
12. Other Security Boundaries
Navigation to Sensitive Schemes
Access to Internal Networks
Prohibited Ports
Limitations on Third-Party Cookies
13. Content Recognition Mechanisms
Document Type Detection Logic
Malformed MIME Types
Special Content-Type Values
Unrecognized Content Type
Defensive Uses of Content-Disposition
Content Directives on Subresources
Downloaded Files and Other Non-HTTP Content
Character Set Handling
Byte Order Marks
Character Set Inheritance and Override
Markup-Controlled Charset on Subresources
Detection for Non-HTTP Files
14. Dealing with Rogue Scripts
Denial-of-Service Attacks
Execution Time and Memory Use Restrictions
Connection Limits
Pop-Up Filtering
Dialog Use Restrictions
Window-Positioning and Appearance Problems
Timing Attacks on User Interfaces
15. Extrinsic Site Privileges
Browser- and Plug-in-Managed Site Permissions
Hardcoded Domains
Form-Based Password Managers
Internet Explorer’s Zone Model
Mark of the Web and Zone.Identifier
III. A Glimpse of Things to Come
16. New and Upcoming Security Features
Security Model Extension Frameworks
Cross-Domain Requests
CORS Request Types
Security Checks for Simple Requests
Non-simple Requests and Preflight
Current Status of CORS
XDomainRequest
Other Uses of the Origin Header
Security Model Restriction Frameworks
Content Security Policy
Primary CSP Directives
Policy Violations
Criticisms of CSP
Sandboxed Frames
Scripting, Forms, and Navigation
Synthetic Origins
Strict Transport Security
Private Browsing Modes
Other Developments
In-Browser HTML Sanitizers
XSS Filtering
17. Other Browser Mechanisms of Note
URL- and Protocol-Level Proposals
Content-Level Features
I/O Interfaces
18. Common Web Vulnerabilities
Vulnerabilities Specific to Web Applications
Problems to Keep in Mind in Web Application Design
Common Problems Unique to Server-Side Code
A. Epilogue Notes
Chapter 1
Chapter 2
Chapter 3
Chapter 4
Chapter 5
Chapter 6
Chapter 7
Chapter 8
Chapter 9
Chapter 10
Chapter 11
Chapter 12
Chapter 13
Chapter 14
Chapter 15
Chapter 16
Chapter 17
Index
About the Author
Updates