Google Announces Release of “Browser Security Handbook”

At Technofriends, i have written multiple posts on Security and Hacking. Going forward with this, today in this post i will introduce you to the recently released Browser Security Handbook released by Google.

Security of Web Applications begins with Code and spans topics as complex as Networks to Web and Application servers to routers, gateways and Browsers. It’s also important to note that a thorough understanding of Full Browser Specific behaviour is important when considering security designs for Web 2.0 applications.

Browser Security is an important concept and must not be ignored at any cost.

Browser Security is an important concept and must not be ignored at any cost.

In order to make the life of a developer and other related to the task of Web Security Desigining somewhat easy, Google says

In hopes of helping to make the Web a safer place, we decided to release our Browser Security Handbook to the general public. This 60-page document provides a comprehensive comparison of a broad set of security features and characteristics in commonly used browsers, along with (hopefully) useful commentary and implementation tips for application developers who need to rely on these mechanisms, as well as engineering teams working on future browser-side security enhancements.

This Browser Security Handbook is meant to provide web application developers, browser engineers, and information security researchers with a one-stop reference to key security properties of contemporary web browsers. Insufficient understanding of these often poorly-documented characteristics is a major contributing factor to the prevalence of several classes of security vulnerabilities.

Although all browsers implement roughly the same set of baseline features, there is relatively little standardization – or conformance to standards – when it comes to many of the less apparent implementation details. Furthermore, vendors routinely introduce proprietary tweaks or improvements that may interfere with existing features in non-obvious ways, and seldom provide a detailed discussion of potential problems.

Browser Security Handbook is an interesting read and talks about Basic Concepts of a Web Browser, Standard Browser Security Features like same origin policy, third party cookie rules, content handling mechanism etc. It also talks about the experimental and legacy security features.

You can run a browser security test through ScanIt for testing the various bugs related to your browser.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: