An innovative new defense against cross-domain vulnerabilities
Cross-domain (or “Universal XSS”) vulnerabilities have long plagued modern script-enabled web browsers. Shuo Chen of Microsoft Research has developed a new type of defense against these vulnerabilities. A paper on this new approach has been accepted to the 14th ACM Conference on Computer and Communications Security (CCS).
An Analysis of Browser Domain-Isolation Bugs and A Light-Weight Transparent Defense Mechanism
I contributed some time to Shuo’s project and assisted with providing technical background on historical cross-domain vulnerabilities in Internet Explorer.
Comments
- Anonymous
May 29, 2009
PingBack from http://paidsurveyshub.info/story.php?title=random-dross-an-innovative-new-defense-against-cross-domain