| Publisher | Stanford University | ||
|---|---|---|---|
| Format | 3.5MB PDF | Date added | 14 May 2008 |
| Topics | Web Browsers, Security Management | ||
| Downloads | 10 | ||
Many web sites embed third-party content in frames, relying on the browser's security policy to protect them from malicious content. Frames, however, are often insufficient isolation primitives because most browsers let framed content manipulate other frames through navigation. The paper evaluates existing frame navigation policies and advocate a stricter policy, which the paper deploys in the open-source browsers. In addition to preventing undesirable interactions, the browser's strict isolation policy also hinders communication between cooperating frames. The paper analyzes two techniques for inter-frame communication.
Did you find this white paper useful?
9 out of 17 users found this white paper useful
Related white papers
MSDN Webcast: Internet Explorer 8 for Developers (Level 200)
Windows Internet Explorer 8 ushers in a new wave of browser innovation from Microsoft, including Web Slices and Accelerators, while maintaining compatibility with the today's Web standards. The presenter of...
MSDN Webcast: Designing Creative DHTML, Silverlight UIs: Simple, Visualized & Intuitive (Level 300)
The presenter of this webcast shows off the new point and click Visual WebGui Control & Theme Designer. This designer joins the well known drag and drop Visual WebGui Form...
MSDN Webcast: Silverlight Controls Framework (Level 100)
The presenter of this webcast provides an overview of the Microsoft Silverlight controls and controls model. The presenter shows how to use Silverlight controls and how to make minor visual...
The Security Architecture of the Chromium Browser
Most current web browsers employ a monolithic architecture that combines "The User" and "The Web" into a single protection domain. An attacker who exploits arbitrary code execution vulnerability in such...
Leading TV and Online Sports Broadcaster Raises the Bar With Microsoft Silverlight
Founded in 1992 and based in London, Setanta Sports is a leading Internet and pay-TV sports broadcaster, operating channels in the U.K., Ireland, North America, and Australia. Setanta wanted to...
Web Technologies Help MTV Networks Create Dynamic Website and Improve Global Workflow
MTV Networks (MTVN), a division of Viacom, is one of the world's leading creators of entertainment content. In 2000, the company created ALIAS (Archive Library Information Access System), an enterprise...
Organizing Bookmarks With Firefox to Save Screen Space
The author is sitting here typing on a 13.3" 1280 x 800 resolution LCD screen, and to him, 1280 x 800 isn't low resolution, but it's not quite enough to...
