Security/CSP/XSSModule: Difference between revisions
Revision comparison
Older revision, edit summary: (Created page with '= Document Status = This document is a "straw-man" proposal for breaking Content Security Policies into separate modules. In particular, this module contains the cross-sit…')
Newer revision: No edit summary
Change at line 3: the Document Status paragraph is unchanged in both revisions. The older revision had an empty "=" heading after it; the newer revision replaces that with the "= Threat Model =" section (the attacker abilities, the same-origin-policy assumption, and the attacker goal given in the revision text below). The "= Syntax =" heading is present in both revisions.
Revision as of 22:48, 17 October 2009
Document Status
This document is a "straw-man" proposal for breaking Content Security Policies into separate modules. In particular, this module contains the cross-site scripting (XSS) mitigations.
Threat Model
The XSSModule seeks to help web developers reduce the severity of cross-site scripting vulnerabilities in their web sites. In particular, the XSSModule is concerned with defending against an attacker with the following abilities:
- The attacker can inject a sequence of bytes into a target web page.
- The attacker can cause the user to visit the target web page.
- The attacker owns and operates a malicious web site (e.g., attacker.com).
We assume that the browser properly implements the same-origin policy and does not contain any privilege escalation vulnerabilities. We further assume the web developer wishes to prevent the attacker from achieving the following goals:
- The attacker must not learn the contents of the target web site's cookies.
Syntax
hhh
Semantics
yyy
Examples
dddd