My favorites | Sign in
Project Home Downloads Wiki Issues Source
Project Information
Wiki pages

Browser Security Handbook

Browser Security Handbook is meant to provide web application developers, browser engineers, and information security researchers with a one-stop reference to key security properties of contemporary web browsers. Insufficient understanding of these often poorly-documented characteristics is a major contributing factor to the prevalence of several classes of security vulnerabilities.

The document currently covers several hundred security-relevant characteristics of Microsoft Internet Explorer (versions 6, 7, and 8), Mozilla Firefox (versions 2 and 3), Apple Safari, Opera, Google Chrome, and Android embedded browser.

Open-source test cases provided alongside with this document permit any other browser implementations to be quickly evaluated in a similar manner.

Note that a more complete and up-to-date account of the browser security model, including a detailed coverage of topics such as HTML parsing, JS execution, plugin capabilities, frame navigation policies, or HTML5 security, can be found in "The Tangled Web".

Quick links

Powered by Google Project Hosting