"I'd like to announce the
availability of DOM Checker, an automated tool for validating browser
security policy enforcement. The project is hosted at:
http://code.google.com/p/dom-checker/
The tool features several fairly neat features, including exhaustive
hierarchy crawling and side-channel blind write validation to reduce the
number of false positives.
DOM Checker had been used to find a number of major security bypass and
information disclosure problems in several popular browsers, and we had
worked closely with vendors to resolve them (although it's worth noting
that the tool still reports anywhere from 10 to 30 low-risk,
design-related information disclosure issues in these programs).
Our hope is that this tool may serve as a framework for ongoing browser
security research, and would be integrated by browser vendors with their
regression testing and general release QA processes.
Please note that this code is experimental – if you encounter any
problems, or simply have an idea on how to make it better, let us know."
– Michal Zalewski
From the project page
"A simple utility to thoroughly validate DOM, XMLHttpRequest, and
cookie security restriction handling in modern web browsers. Notable
features include exhaustive hierarchy crawling, cross-domain IPC system
for blind write verification, page transition checks, and more.
The tool consists of a small set of HTML pages with embedded
Javascript code and a reporting interface, and may be run directly over
HTTP. Please be sure to modify dom_config.js to specify correct host
names and locations for the hosted code. "
Tool Link: http://code.google.com/p/dom-checker/
