1. web/Zalewski's book
From the preface: how this book is organized
The layout of this book is centered on exploring some of the most prominent, high-level browser building blocks and various security-relevant topics derived from this narrative.
The book focuses on the most prominent of the high-level components that make up a browser, and also takes up the various security-related topics that branch off from that narrative.
2. contents
http://nostarch.com/tangledweb
Table of Contents
Preface and Acknowledgments
1. Security in the World of Web Applications
Part I: Anatomy of the Web
2. It Starts with A URL
3. Hypertext Transfer Protocol
4. Hypertext Markup Language
5. Cascading Style Sheets
6. Browser-Side Scripts
7. Non-HTML Document Types
8. Content Rendering with Browser Plug-Ins
Part II: Browser Security Features
9. Content Isolation Logic
10. Origin Inheritance
11. Life Outside Same-Origin Rules
12. Other Security Boundaries
13. Content Recognition Mechanisms
14. Dealing with Rogue Scripts
15. Extrinsic Site Privileges
Part III: A Glimpse of Things to Come
16. New and Upcoming Security Features
17. Other Browser Mechanisms of Note
18. Common Web Vulnerabilities
Epilogue
Notes
Index
amazon.com (with reviews) http://www.amazon.com/The-Tangled-Web-Securing-Applications/dp/1593273886
This book starts out with the observation that while the field of information security seems to be a mature and well-defined discipline, there is not even a rudimentary usable framework for understanding and assessing the security of modern software.
1 SECURITY IN THE WORLD OF WEB APPLICATIONS 1
Information Security in a Nutshell .... 1
  Flirting with Formal Solutions .... 2
  Enter Risk Management .... 4
  Enlightenment Through Taxonomy .... 6
  Toward Practical Approaches .... 7
A Brief History of the Web .... 8
  Tales of the Stone Age: 1945 to 1994 .... 8
  The First Browser Wars: 1995 to 1999 .... 10
  The Boring Period: 2000 to 2003 .... 11
  Web 2.0 and the Second Browser Wars: 2004 and Beyond .... 12
The Evolution of a Threat .... 14
  The User as a Security Flaw .... 14
  The Cloud, or the Joys of Communal Living .... 15
  Nonconvergence of Visions .... 15
  Cross-Browser Interactions: Synergy in Failure .... 16
  The Breakdown of the Client-Server Divide .... 17
PART I: ANATOMY OF THE WEB
2 IT STARTS WITH A URL 23
In chapter 2, the book details that something as elementary as how the resolution of relative URLs is done isn't a trivial exercise. The book details how misunderstandings that occur between application-level URL filters and the browser when handling these types of relative references can lead to security problems.
Uniform Resource Locator Structure .... 24
  Scheme Name .... 24
  Indicator of a Hierarchical URL .... 25
  Credentials to Access the Resource .... 26
  Server Address .... 26
  Server Port .... 27
  Hierarchical File Path .... 27
  Query String .... 28
  Fragment ID .... 28
  Putting It All Together Again .... 29
Reserved Characters and Percent Encoding .... 31
  Handling of Non-US-ASCII Text .... 32
Common URL Schemes and Their Function .... 36
  Browser-Supported, Document-Fetching Protocols .... 36
  Protocols Claimed by Third-Party Applications and Plug-ins .... 36
  Nonencapsulating Pseudo-Protocols .... 37
  Encapsulating Pseudo-Protocols .... 37
  Closing Note on Scheme Detection .... 38
Resolution of Relative URLs .... 38
Security Engineering Cheat Sheet .... 40
  When Constructing Brand-New URLs Based on User Input .... 40
  When Designing URL Input Filters .... 40
  When Decoding Parameters Received Through URLs .... 40
3 HYPERTEXT TRANSFER PROTOCOL 41
Basic Syntax of HTTP Traffic .... 42
  The Consequences of Supporting HTTP/0.9 .... 44
  Newline Handling Quirks .... 45
  Proxy Requests .... 46
  Resolution of Duplicate or Conflicting Headers .... 47
  Semicolon-Delimited Header Values .... 48
  Header Character Set and Encoding Schemes .... 49
  Referer Header Behavior .... 51
HTTP Request Types .... 52
  GET .... 52
  POST .... 52
  HEAD .... 53
  OPTIONS .... 53
  PUT .... 53
  DELETE .... 53
  TRACE .... 53
  CONNECT .... 54
  Other HTTP Methods .... 54
Server Response Codes .... 54
  200–299: Success .... 54
  300–399: Redirection and Other Status Messages .... 55
  400–499: Client-Side Error .... 55
  500–599: Server-Side Error .... 56
  Consistency of HTTP Code Signaling .... 56
Keepalive Sessions .... 56
Chunked Data Transfers .... 57
Caching Behavior .... 58
HTTP Cookie Semantics .... 60
HTTP Authentication .... 62
Protocol-Level Encryption and Client Certificates .... 64
  Extended Validation Certificates .... 65
Error-Handling Rules .... 65
Security Engineering Cheat Sheet .... 67
  When Handling User-Controlled Filenames in Content-Disposition Headers .... 67
  When Putting User Data in HTTP Cookies .... 67
  When Sending User-Controlled Location Headers .... 67
  When Sending User-Controlled Redirect Headers .... 67
  When Constructing Other Types of User-Controlled Requests or Responses .... 67