Canh

Web Security

1 min read

Basic

Details

  1. Main attach types
    1. Click-jacking
    2. XSS
    3. CSRF
    4. MiM
  2. Same-origin policy
  1. https://developer.mozilla.org/en-US/docs/Web/Security/Types_of_attacks
  2. https://developer.mozilla.org/en-US/docs/Web/Security/Same-origin_policy

Intermediate

Details

  1. CSP (Content Security Policy)
  2. TLS
  3. HSTS (Strict-Transport-Security header)
  4. Secure Contexts
  5. Secure cookies
  1. https://developer.mozilla.org/en-US/docs/Web/Security
  2. https://developer.mozilla.org/en-US/docs/Web/HTTP/CSP
  3. https://developer.mozilla.org/en-US/docs/Web/Security/Transport_Layer_Security
  4. https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Strict-Transport-Security
  5. https://developer.mozilla.org/en-US/docs/Web/Security/Secure_Contexts
  6. https://developer.mozilla.org/en-US/docs/Web/HTTP/Cookies#Secure_and_HttpOnly_cookies

Graph View

Backlinks