IT Security - 4. Browser Security
Protection goals
Confidentiality
Integrity
Transparency
HTTPS: 443
Extended Validation (EV) Certificate and HTTPS Protocol
secure and serious
Known Certificate Authority and HTTPS Protocol
secure but not validated
No Certification Authority and HTTP Protocol
insecure, not trustworthy
HTTPS protocol, self-signed, after red warning
be careful, possibly malware
Same Origin Policy (SOP)
Origin A can access Origin B's DOM only if (protocol, domain, port) are the same
self delegation
Frame Navigation Descendant Policy
Navigation options
can navigate a child's child
cannot navigate any frame in any window
can navigate a direct child
cannot navigate any frame
all current browsers use it
Cookies
Session Cookie (temporary)
Persistent/tracking Cookie (longer lifetime)
Third-party cookie (website set)
HTTP Only Cookie
cannot be set via JavaScript
prevents use of the cookie via XSS
also blocks XMLHttpRequest