O'Reilly logo

The Tangled Web by Michal Zalewski

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Chapter 14. Dealing with Rogue Scripts

In the previous five chapters, we examined a fairly broad range of browser security mechanisms—and looking back at them, it is fair to say that almost all share a common goal: to stop rogue content from improperly interfering with any other, legitimate web pages displayed in a browser. This is an important pursuit but also a fairly narrow one; subverting the boundaries between unrelated websites is a large part of every attacker’s repertoire but certainly not the only trick in the book.

The other significant design-level security challenge that all browsers have to face is that attackers may abuse well-intentioned scripting capabilities in order to disrupt or impersonate third-party sites without actually ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required