
Same-Origin Policy Part 1: Why we're stuck with things like XSS and XSRF/CSRF

"The last few years have seen a constant rise in vulnerabilities like cross-site scripting (XSS), HTTP response splitting, and cross-site request forgery (XSRF or CSRF). While the vectors and exploits of each of these vulnerability classes vary, they all have one common thread. Each of these vulnerabilities exploits trust shared between a user and a website by circumventing the same basic protection mechanism: the same-origin policy.

In my experience most developers, and even many security people, don't really know what the same-origin policy is. Worse yet, the rise of AJAX and mash-ups seems to have turned same-origin into something developers are trying to break. Complicating the issue further are the weaknesses in most browsers' implementations of same-origin, leaving open questions about the effectiveness of the policy itself. So, I've decided to try and capture all of the information surrounding same-origin in one place. I also have my own thoughts on the value of the model itself, but I'll save those for the end." - TAOSSA

Article Link: http://taossa.com/index.php/2007/02/08/same-origin-policy/

