Client-side security through JavaScript API wrapping

DSpace/Manakin Repository

Show simple item record

dc.contributor.advisor Focardi, Riccardo it_IT
dc.contributor.author Baesso, Andrea <1991> it_IT
dc.date.accessioned 2017-02-23 it_IT
dc.date.accessioned 2017-05-08T03:48:27Z
dc.date.available 2017-05-08T03:48:27Z
dc.date.issued 2017-03-23 it_IT
dc.identifier.uri http://hdl.handle.net/10579/9772
dc.description.abstract Cross Site Scripting (XSS) allows an attacker to inject malicious code into a webpage. Modern web applications enforce various security measures to mitigate attacks but many of these can be easily circumvented by malicious scripts. In fact, JavaScript has full access to the content of a page, thus any confidential information is potentially compromised whenever an attacker is able to inject a malicious script in a visited webpage. In this thesis we experiment techniques to wrap JavaScript APIs so to control what scripts can do and to mitigate the consequences of XSS attacks. We consider the case study of a login form and we show how to prevent password leakage through JavaScript API wrapping. it_IT
dc.language.iso it_IT
dc.publisher Università Ca' Foscari Venezia it_IT
dc.rights © Andrea Baesso, 2017 it_IT
dc.title Client-side security through JavaScript API wrapping it_IT
dc.title.alternative it_IT
dc.type Master's Degree Thesis it_IT
dc.degree.name Informatica - computer science it_IT
dc.degree.level Laurea magistrale it_IT
dc.degree.grantor Dipartimento di Scienze Ambientali, Informatica e Statistica it_IT
dc.description.academicyear 2015/2016, sessione straordinaria it_IT
dc.rights.accessrights openAccess it_IT
dc.thesis.matricno 834951 it_IT
dc.subject.miur it_IT
dc.description.note it_IT
dc.degree.discipline it_IT
dc.contributor.co-advisor it_IT
dc.date.embargoend it_IT
dc.provenance.upload Andrea Baesso (834951@stud.unive.it), 2017-02-23 it_IT
dc.provenance.plagiarycheck Riccardo Focardi (focardi@unive.it), 2017-03-06 it_IT


Files in this item

This item appears in the following Collection(s)

Show simple item record