Before reading this chapter, let me review the browser security topics I have already encountered. The first is the same-origin policy. Before studying web security, I was mostly concerned with how to implement cross-origin requests; I had previously summarized the ways to do cross-origin communication in JavaScript, without knowing whether any of them had vulnerabilities. Then there is the Flash sandbox mechanism: in a small project I worked on earlier, JavaScript needed to communicate with Flash, and a trusted domain name had to be specified on the Flash side, which is also a security policy restriction.
---------------------------- Lili's reading splitting line -----------------------------
Notes:
1. Same-origin policy
The browser's same-origin policy restricts a document or script from one origin from reading or setting certain properties of a document from another origin.
The article mentions a cross-origin CSS vulnerability in IE8; for details, see http://hi.baidu.com/aullik5/item/d99ac7962e04d74ff14215f8.
However, I am still unclear about how hackers actually exploited this vulnerability. (After reading the material that follows: the attacker can execute a script to obtain the user's cookie information and then perform illegal operations with it.)
2. Browser sandbox
A "trojan" here refers to inserting malicious code into a web page; attackers exploit browser vulnerabilities to execute arbitrary code.
A sandbox is designed to let untrusted code run in a confined environment and to restrict that untrusted code from accessing resources outside the isolation zone. If data must cross the sandbox boundary, it can only do so through designated data channels, such as encapsulated APIs, in which the validity of each request is strictly checked.
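The two points above (the same-origin comparison in note 1, and the "designated channel with strict validity checks" in note 2) can be shown together in a few lines of JavaScript. This is an added example, not code from the book or from the original notes: `originOf`, `isSameOrigin` and `makeMessageHandler` are names chosen here, the URLs and messages are constructed sample values, and the handler models a `window.postMessage` receiver that only trusts an allow-list of origins.

```javascript
// Added example (not from the original notes): origin comparison as the
// same-origin policy performs it, plus the validity check a sandbox data
// channel (a postMessage receiver) should apply before trusting a message.
// All URLs and messages below are constructed sample values.

// Compute the origin (scheme + host + port) that the browser compares.
function originOf(urlString) {
  const u = new URL(urlString);
  // URL.origin already folds default ports: "https://a.com:443" -> "https://a.com"
  return u.origin;
}

// Two documents are same-origin only when scheme, host and port all match.
// Subdomains, a different scheme, or a non-default port all break the match.
function isSameOrigin(a, b) {
  return originOf(a) === originOf(b);
}

// Build a message handler that accepts messages only from an allow-list of
// origins, and validates the message shape even when the origin is trusted.
function makeMessageHandler(allowedOrigins, onMessage) {
  const allowed = new Set(allowedOrigins.map((o) => originOf(o)));
  return function handle(event) {
    // event.origin is filled in by the browser; the sender cannot forge it.
    if (!allowed.has(event.origin)) {
      return { accepted: false, reason: `untrusted origin ${event.origin}` };
    }
    // The payload is still attacker-controlled data: check its shape before use.
    const d = event.data;
    if (typeof d !== 'object' || d === null || typeof d.type !== 'string') {
      return { accepted: false, reason: 'malformed message' };
    }
    return { accepted: true, result: onMessage(d) };
  };
}
```

In a real page the handler would be registered with `window.addEventListener('message', handler)`; here it returns a result object so the decision can be inspected directly.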
3. Malicious website interception
Working principle: the browser periodically fetches the latest blacklist of malicious URLs from a server; if the URL the user visits is on the blacklist, the browser shows a warning page instead.
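A small model of that blacklist check, added here as an example rather than taken from the book or the notes. The blacklist entries are constructed, and the host-suffix / path-prefix matching is my own generalization of "the URL is in the blacklist": it lets one entry cover a whole site or a single directory, and it canonicalizes the URL first so that case, a trailing dot on the host, a default port or a fragment cannot slip past an exact string comparison.

```javascript
// Added example (not from the original notes): a simplified blacklist check.
// The entries are constructed for illustration, in "host/path-prefix/" form.
const BLACKLIST = new Set([
  'malware.example/',          // the whole site
  'shared-host.example/bad/',  // only one directory on an otherwise fine host
]);

// Canonicalize so trivial URL variations compare equal: lower-case host,
// strip trailing dots, drop query/fragment, collapse repeated slashes.
function canonicalize(urlString) {
  const u = new URL(urlString);
  const host = u.hostname.toLowerCase().replace(/\.+$/, '');
  const path = (u.pathname || '/').replace(/\/{2,}/g, '/');
  return { host, path };
}

// Generate every (host suffix, directory prefix) combination for the URL.
// Host suffixes stop at two labels so "example" alone never matches;
// path prefixes are directory-style, so "/bad" and "/bad/" both yield "/bad/".
function candidateKeys(urlString) {
  const { host, path } = canonicalize(urlString);
  const labels = host.split('.');
  const hosts = [];
  for (let i = 0; i <= labels.length - 2; i++) hosts.push(labels.slice(i).join('.'));
  const segs = path.split('/').filter(Boolean);
  const paths = ['/'];
  for (let i = 1; i <= segs.length; i++) paths.push('/' + segs.slice(0, i).join('/') + '/');
  const keys = [];
  for (const h of hosts) for (const p of paths) keys.push(h + p);
  return keys;
}

// A URL is blocked if any of its candidate keys appears in the blacklist.
function isBlacklisted(urlString, blacklist = BLACKLIST) {
  return candidateKeys(urlString).some((k) => blacklist.has(k));
}
```

Real blacklists are distributed as hashed prefixes rather than plain strings so that the full list is not exposed to the client, but the matching idea is the same.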
PS:
XSS: Cross-Site Scripting
CSRF: Cross-Site Request Forgery
---------------------------- Lili's note splitting line -----------------------------
I now have a general understanding of how browsers implement their security restrictions; however, I am still confused about how hackers use vulnerabilities to obtain user information and do bad things with it.