Web Application Security, 2nd Edition
book

by Andrew Hoffman
January 2024
Intermediate to advanced
444 pages
11h 10m
English
O'Reilly Media, Inc.
Book available
Content preview from Web Application Security, 2nd Edition

Chapter 34. Defense Against Client-Side Attacks

In Chapter 16, we covered three forms of client-side attack (prototype pollution, clickjacking, and tabnabbing) extensively. In each of these attacks, we were able to exploit users through their client browsers rather than having to go through a server in order to reach the end user. Client-side attacks are on the rise as browser clients become more sophisticated every year.

Because of the limitations that come when attempting to detect client-side attacks, it is imperative to understand how to set up your application in a way that makes client-side attacks difficult for an attacker to pull off successfully. In this chapter, we will cover those techniques so your web application can be as secure as possible when targeted with client-side attacks.

Defending Against Prototype Pollution

Prototype pollution attacks rely on JavaScript’s prototypal inheritance system in order to function (see Chapter 16 for detailed attacks and payload development). Because a JavaScript interpreter walks up the prototype chain when it looks for functions and data, an attacker can alter the behavior of one object without any direct access to it, simply by polluting an object higher up in its inheritance hierarchy.

At first, prototype pollution attacks are difficult to find and mitigate due to their reliance on largely JavaScript-specific language features, but once you get the hang of it, mitigations become significantly easier to understand. Let’s look ...
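The following is an added example and is not code from the book. It shows where pollution typically enters a web application (a recursive merge helper applied to untrusted JSON) in an unsafe form and a hardened form, together with a runtime check and a startup hardening step. The function names, the `FORBIDDEN_KEYS` list and the untrusted JSON body are constructed for the example.

```javascript
// Added example (not from the book): unsafe vs. hardened recursive merge,
// a pollution check, and prototype freezing as defense in depth.

function isPlainObject(value) {
  return typeof value === 'object' && value !== null && !Array.isArray(value);
}

// UNSAFE: copies every key of `source`, including one literally named
// "__proto__". On an ordinary object, target["__proto__"] resolves through
// the accessor on Object.prototype to Object.prototype itself, so the
// recursion ends up writing into the prototype shared by every object.
function unsafeMerge(target, source) {
  for (const key of Object.keys(source)) {
    const value = source[key];
    if (isPlainObject(value)) {
      if (!isPlainObject(target[key])) target[key] = {};
      unsafeMerge(target[key], value);
    } else {
      target[key] = value;
    }
  }
  return target;
}

// Keys that name links into the prototype chain rather than plain data
// (constructed list for this example; extend it to fit your own code base).
const FORBIDDEN_KEYS = new Set(['__proto__', 'constructor', 'prototype']);

// HARDENED: drops prototype-chain keys, only descends into properties that
// `target` actually owns, and creates null-prototype containers for nested
// data so there is no chain to climb into.
function safeMerge(target, source) {
  for (const key of Object.keys(source)) {
    if (FORBIDDEN_KEYS.has(key)) continue; // drop (or throw and log) on suspicious keys
    const value = source[key];
    if (isPlainObject(value)) {
      const ownsKey = Object.prototype.hasOwnProperty.call(target, key);
      if (!ownsKey || !isPlainObject(target[key])) {
        target[key] = Object.create(null);
      }
      safeMerge(target[key], value);
    } else {
      target[key] = value;
    }
  }
  return target;
}

// Runtime check: Object.prototype should never gain application-level keys.
function isPolluted(propertyName) {
  return Object.prototype.hasOwnProperty.call(Object.prototype, propertyName);
}

// Defense in depth: freeze the built-in prototypes once at startup, before
// third-party modules load, so no code path can add properties to them.
function freezeBuiltinPrototypes() {
  Object.freeze(Object.prototype);
  Object.freeze(Array.prototype);
  return Object.isFrozen(Object.prototype);
}

// Demonstration on a constructed untrusted request body. JSON.parse creates
// an own property named "__proto__", which Object.keys() returns like any other.
function demo() {
  const untrusted = JSON.parse('{"name":"demo","__proto__":{"isAdmin":true}}');

  const viaUnsafe = unsafeMerge({}, untrusted);
  const unsafeLeaked = isPolluted('isAdmin'); // true: Object.prototype gained isAdmin
  delete Object.prototype.isAdmin;            // undo the global damage for the rest of the run

  const viaSafe = safeMerge({}, untrusted);
  const safeLeaked = isPolluted('isAdmin');   // false: the key was dropped

  return {
    unsafeLeaked,
    safeLeaked,
    unsafeResultName: viaUnsafe.name,
    safeResult: viaSafe, // { name: 'demo' }
  };
}
```

Run `demo()` to see the two merges side by side. In a real service you would prefer to reject the request (and raise an alert) when a forbidden key appears, rather than silently dropping it, because such a key in user input is itself a strong signal of an attempted attack; `freezeBuiltinPrototypes()` is a last line of defense that should be tested against your dependency set before deployment, since some libraries still extend built-in prototypes.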



Publisher Resources

ISBN: 9781098143923