The high-profile attacks of malicious HTML and JavaScript code have seen a dramatic increase in both awareness and exploitation in recent years. Unfortunately, exiting security mechanisms provide no enough protection. We propose a new protection mechanism named PMHJ based on the support of both web applications and web browsers against malicious HTML and JavaScript code in vulnerable web applications. PMHJ prevents the injection attack of HTML elements with a random attribute value and the node-split attack by an attribute with the hash value of the HTML element. PMHJ ensures the content security in web pages by verifying HTML elements, confining the insecure HTML usages which can be exploited by attackers, and disabling the JavaScript APIs which may incur injection vulnerabilities. PMHJ provides a flexible way to rein the high-risk JavaScript APIs with powerful ability according to the principle of least authority. The PMHJ policy is easy to be deployed into real-world web applications. The test results show that PMHJ has little influence on the run time and code size of web pages.
from #AlexandrosSfakianakis via Alexandros G.Sfakianakis on Inoreader http://ift.tt/1VMr3fw
via IFTTT
Εγγραφή σε:
Σχόλια ανάρτησης (Atom)
Δημοφιλείς αναρτήσεις
-
Publication date: Available online 4 January 2018 Source: European Journal of Radiology Author(s): Peiyao Zhang, Jing Wang, Qin Xu, Zhen...
-
Medicine by Alexandros G. Sfakianakis,Anapafseos 5 Agios Nikolaos 72100 Crete Greece,00302841026182, Butyric Acid from Probiotic Staphyloco...
-
Does CBD Oil Lower Blood Pressure? This article was originally published at SundayScaries." Madeline Taylor POSTED ON January 13, 20...
-
Medicine by Alexandros G. Sfakianakis,Αλέξανδρος Γ. Σφακιανάκης A Novel Technique for Endoscopic Repair of Large Anterior Skull Base Defect...
-
2016-11-22T07-55-59Z Source: International Journal of Medical Science and Public Health Banothu Srinivas, Madhu Mohan Reddy B. Backgrou...
-
2016-10-15T06-30-01Z Source: The Southeast Asian Journal of Case Report and Review Sangita Deepak Kamath, Neeraj Jain, Saurabh Pathak, Ba...
-
BACKGROUND AND PURPOSE: Lesion load is a common biomarker in multiple sclerosis, yet it has historically shown modest association with cl...
-
Abstract The development of focused ion beam-scanning electron microscopy (FIB-SEM) techniques has allowed high-resolution 3D imaging of n...
-
Vol.48 No.2 from #AlexandrosSfakianakis via Alexandros G.Sfakianakis on Inoreader http://ift.tt/1S2Z7n2 via IFTTT
Δεν υπάρχουν σχόλια:
Δημοσίευση σχολίου