
Rich Cannings, Himanshu Dwivedi, Zane Lackey, and Alex Stamos

"Hacking Exposed Web 2.0: Web 2.0 Security Secrets and Solutions"

university.edu/badPage.html" >
Similarly, suppose that the attacker's personal page is at http://www.university.edu/~attacker/,
the webmail system is at http://www.university.edu/webmail/, and
the webmail cookies are path protected with path=/webmail. Then the attacker can steal
a victim's cookies by luring the victim to http://www.university.edu/~attacker/stealCookies.html,
which contains the following code:


Protecting Cookies
Use the added features in the cookie security model, but do not rely on them for
security. Simply trust the same origin policy and sculpt your web application's
security around the same origin policy.
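
The mismatch behind this advice, as an added example that is not from the book: cookie Path matching (RFC 6265) keeps the webmail cookie off requests to the personal page, while the same origin policy ignores paths and treats both pages as one origin. The function names are illustrative, and webmail.university.edu is a hypothetical separate host used to show the corrected layout.

```javascript
// Added example: cookie Path scoping compared with the same origin policy.
// URLs under www.university.edu come from the text; webmail.university.edu
// is a hypothetical host, not one named in the book.

// RFC 6265 section 5.1.4 path-match: is a cookie with this Path attached to
// a request for requestPath?
function cookiePathMatches(cookiePath, requestPath) {
  if (requestPath === cookiePath) return true;
  if (!requestPath.startsWith(cookiePath)) return false;
  return cookiePath.endsWith('/') || requestPath[cookiePath.length] === '/';
}

// Same origin policy: scheme, host and port must match. Path plays no part.
function sameOrigin(a, b) {
  return new URL(a).origin === new URL(b).origin;
}

// Flag a deployment where Path is the only thing separating the
// cookie-bearing application from another page.
function assessIsolation(appUrl, cookiePath, otherUrl) {
  const otherPath = new URL(otherUrl).pathname;
  const pathHidesCookie = !cookiePathMatches(cookiePath, otherPath);
  const originShared = sameOrigin(appUrl, otherUrl);
  return {
    pathHidesCookie,   // cookie is not sent with requests for otherUrl
    originShared,      // but scripts on otherUrl run in the app's origin
    reliesOnPathOnly: pathHidesCookie && originShared,
  };
}

const personalPage = 'http://www.university.edu/~attacker/stealCookies.html';

// Layout from the text: webmail and personal pages share one origin.
const shared = assessIsolation(
  'http://www.university.edu/webmail/', '/webmail', personalPage);

// Corrected layout (hypothetical host): webmail gets an origin of its own.
const split = assessIsolation(
  'http://webmail.university.edu/', '/', personalPage);

console.log('shared origin:', shared);
console.log('separate origin:', split);
```

A deployment that reports reliesOnPathOnly as true depends on the Path attribute alone; moving the application to its own origin puts the boundary where the same origin policy enforces it.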
Flash Security Model
Flash is a popular plug-in for most web browsers. Recent versions of Flash have very
complicated security models that can be customized to the developer's preference.

