At Technofriends, I have written multiple posts on security and hacking. Continuing that theme, this post introduces the Browser Security Handbook recently released by Google.
Security of web applications begins with code and spans topics ranging from networks, web and application servers to routers, gateways and browsers. A thorough understanding of browser-specific behaviour is also important when considering security designs for Web 2.0 applications.
To make life somewhat easier for developers and others involved in web security design, Google says:
In hopes of helping to make the Web a safer place, we decided to release our Browser Security Handbook to the general public. This 60-page document provides a comprehensive comparison of a broad set of security features and characteristics in commonly used browsers, along with (hopefully) useful commentary and implementation tips for application developers who need to rely on these mechanisms, as well as engineering teams working on future browser-side security enhancements.
This Browser Security Handbook is meant to provide web application developers, browser engineers, and information security researchers with a one-stop reference to key security properties of contemporary web browsers. Insufficient understanding of these often poorly-documented characteristics is a major contributing factor to the prevalence of several classes of security vulnerabilities.
Although all browsers implement roughly the same set of baseline features, there is relatively little standardization – or conformance to standards – when it comes to many of the less apparent implementation details. Furthermore, vendors routinely introduce proprietary tweaks or improvements that may interfere with existing features in non-obvious ways, and seldom provide a detailed discussion of potential problems.
The Browser Security Handbook is an interesting read. It covers the basic concepts of a web browser and standard browser security features such as the same-origin policy, third-party cookie rules and content handling mechanisms. It also covers experimental and legacy security features.
You can run a browser security test through ScanIt to check your browser for various bugs.