The Tangled Web

Mind Map by Ron Kuper, updated more than 1 year ago
Created by Ron Kuper over 4 years ago


A guide to securing modern web applications

Resource summary

The Tangled Web
1 Security in the World of Web Applications
1.1 History of the Web
1.1.1 GML
  • IBM's Generalized Markup Language: "this is a header", "this is a list"
  • SGML: Standard Generalized Markup Language
  • HTML: HyperText Markup Language; focused on simplicity; Tim Berners-Lee and Dan Connolly
  • HTTP: HyperText Transfer Protocol; dedicated scheme for accessing HTML resources using TCP/IP, DNS and file path concepts
  • Tim's WWW Project
  • World Wide Web 1991-1993
  • A browser that parsed HTML and allowed navigation from one page to another
  • Tim Berners-Lee
  • Mosaic Web Browser
  • Netscape Navigator
  • Spyglass Mosaic
  • Microsoft Internet Explorer
  • 1960's
1.1.2 Microsoft XMLHttpRequest Web 2.0
1.1.3 W3C - WWW Consortium
1.2 Risk Management
1.2.1 CWE: Common Weakness Enumeration; Homeland Security; "Provide a common language"
1.2.2 CVSS: Common Vulnerability Scoring System; method to quantify and score a vulnerability based on risk
1.2.3 probability * maximum loss = risk
2 Anatomy of the Web
2.1 URLs
2.2 HTTP
2.3 HTML
2.4 CSS
2.5 Browser Scripts
2.6 Doc Types
2.7 Plug-ins
3 Browser Security
3.1 Content Isolation
3.2 Origin Inheritance
3.3 Outside Same-Origin
3.4 Other Boundaries
3.5 Content Recognition
3.6 Rogue Scripts
3.7 Site Privileges
4 Future
4.1 New Security Features
4.2 Other Browser Mechanisms
4.3 Common Web Vulnerabilities