Browser Security and Exploitation

4.

Browser Security Models

4.1.

Same-Origin Policy

4.1.1.

Origin Definition Components

4.1.1.1.

Protocol Scheme

4.1.1.2.

4.1.1.3.

4.1.2.

SOP Enforcement Areas

4.1.2.1.

DOM Access Control

4.1.2.2.

Cookie Isolation

4.1.2.3.

Network Request Restrictions

4.1.2.4.

Storage Partitioning

4.1.3.

Cross-Origin Communication

4.1.3.1.

Cross-Origin Resource Sharing

4.1.3.1.1.

Simple Requests

4.1.3.1.2.

Preflight Requests

4.1.3.1.3.

Credential Handling

4.1.3.2.

PostMessage API

4.1.3.2.1.

Message Passing Security

4.1.3.2.2.

Origin Verification

4.1.3.3.

Document Domain Relaxation

4.1.3.3.1.

Subdomain Communication

4.1.3.3.2.

Security Implications

4.1.3.4.

JSONP Technique

4.1.3.4.1.

Implementation Method

4.1.3.4.2.

Security Vulnerabilities

4.2.

Browser Sandboxing

4.2.1.

Sandboxing Principles

4.2.1.1.

Process Isolation

4.2.1.2.

Privilege Separation

4.2.1.3.

Resource Access Control

4.2.2.

Chromium Sandbox Architecture

4.2.2.1.

Broker Process Model

4.2.2.2.

Target Process Restrictions

4.2.2.3.

Security Token Management

4.2.3.

Firefox Sandbox Implementation

4.2.3.1.

Content Process Isolation

4.2.3.2.

Security Level Configuration

4.2.3.3.

4.2.4.

Sandbox Escape Techniques

4.2.4.1.

Kernel Exploitation

4.2.4.2.

4.2.4.3.

Privilege Escalation

4.3.

Content Security Policy

4.3.1.

CSP Directive Types

4.3.1.1.

Source Directives

4.3.1.2.

Navigation Directives

4.3.1.3.

Reporting Directives

4.3.2.

CSP Implementation

4.3.2.1.

Header-Based Deployment

4.3.2.2.

Meta Tag Implementation

4.3.2.3.

Violation Reporting

4.3.3.

CSP Bypass Techniques

4.3.3.1.

Policy Misconfiguration

4.3.3.2.

Script Gadget Abuse

4.3.3.3.

JSONP Injection

4.4.

Security Headers

4.4.1.

HTTP Strict Transport Security

4.4.1.1.

HSTS Directive Options

4.4.1.2.

Preload List Mechanism

4.4.1.3.

Subdomain Inclusion

4.4.2.

Content Type Options

4.4.2.1.

MIME Sniffing Prevention

4.4.2.2.

Security Implications

4.4.3.

4.4.3.1.

Clickjacking Protection

4.4.3.2.

Frame Embedding Control

4.4.4.

Referrer Policy

4.4.4.1.

Referrer Information Control

4.4.4.2.

Privacy Implications

4.4.5.

Cross-Origin Policies

4.4.5.1.

Cross-Origin-Opener-Policy

4.4.5.2.

Cross-Origin-Embedder-Policy

4.4.5.3.

Cross-Origin-Resource-Policy

Previous

3. Web Technology Foundations

Go to top

Next

5. Vulnerability Classifications