A Security Analysis of Next Generation Web Standards

The web browser is arguably the most security-critical component in our information infrastructure. It has become the channel through which most of our information passes. ENISA is seizing a unique chance to make detailed recommendations for improvements to browser security before they become non-negotiable for years to come. The standards which govern the browser are currently undergoing a major upgrade. This includes HTML5, cross-origin communication standards such as CORS and standards for access to local data such as geo-location. In total 51 security threats and issues are identified and detailed in this report.

Editors: Dr. Giles Hogben, Dr Marnix Dekker, Authors: Philippe De Ryck, Lieven Desmet, Pieter Philippaerts, and Frank Piessens, Katholieke Universiteit Leuven

This site uses cookies to offer you a better browsing experience.
Aside from essential cookies we also use tracking cookies for analytics.
Find out more on how we use cookies.

Accept all cookies Accept only essential cookies