Seven Deadliest Web Application Attacks by Mike Shema

Defending the Web Browser

There is a foolproof defense against CSRF for the truly paranoid: change browsing habits. Its level of protection, though, is directly proportional to the level of inconvenience. Visit only one Web site at a time, avoiding multiple browser windows or tabs. When finished with a site, use its logout mechanism rather than just closing the browser or moving on to the next site. Don't use any “remember me” or autologin features if the Web site offers them. This is an effective prescription perhaps, but one that quickly becomes inconvenient.

Internet Explorer 8 and Browser Extensions

Internet Explorer 8 introduced the X-FRAME-OPTIONS response header to help site developers control how the browser will render content within a frame. ...
