!!! FINAL CALL !!!

ONLINE REGISTRATION CLOSES TODAY

REGISTER NOW

Google Details Upcoming Chrome Security Features

Submitted by l33tdawg on Wed, 2011-06-15 13:40
http://www.flickr.com/photos/factoryjoe/2819995451/

Google has released a list of security features being built into the upcoming Chrome 13 and includes Content Security Policy (CSP) and HTTP Strict Transport Security (HSTS) implementations, certificate pinning and self-XSS filter.

The Content Security Policy (CSP) is a specification developed by Mozilla which aimed at providing a solution for many of today's malicious injection attacks. It allows websites to restrict the sources of content that can be loaded into their pages. For example, a webmaster can provide a list of domains for images, embedded objects, scripts, fonts or frames.

This significantly restricts the options for attackers who currently exploit vulnerabilities to inject rogue iframe and script elements that load content from domains under their control. The CSP implementation in Chrome 13 is only for experimental purposes and webmasters that want to try it out can use the X-WebKit-CSP temporary header.

Source: 
Softpedia News
Tags: 
Industry News
Chrome
Google

Contact Us

Hack In The Box

Suite 26.3, Level 26, Menara IMC,
No. 8, Jalan Sultan Ismail,
50250 Kuala Lumpur,
Malaysia

Tel: +603-20394724
Fax: +603-20318359