Lightweight Integrity Protection for Web Storage-Driven Content Caching

The term web storage summarizes a set of browser-based technologies that allow application-level persistent storage of key/values pairs on the client-side. These capabilities are frequently used for caching of markup or script code fragments, e.g., in scenarios with specific bandwidth or responsiveness requirements. Unfortunately, this paper is inherently insecure, as it may allow attackers to inject malicious JavaScript payloads into the browser's web storage. Such payloads reside in the victim's browser for a potentially prolonged period and lead to resident compromise of the application's client-side code.

Provided by: SAP Research Topic: Software Date Added: Mar 2012 Format: PDF

Find By Topic