Lightweight Integrity Protection for Web Storage-Driven Content Caching

Provided by: SAP Research
Topic: Software
Format: PDF
The term web storage summarizes a set of browser-based technologies that allow application-level persistent storage of key/values pairs on the client-side. These capabilities are frequently used for caching of markup or script code fragments, e.g., in scenarios with specific bandwidth or responsiveness requirements. Unfortunately, this paper is inherently insecure, as it may allow attackers to inject malicious JavaScript payloads into the browser's web storage. Such payloads reside in the victim's browser for a potentially prolonged period and lead to resident compromise of the application's client-side code.

Find By Topic