|
|
Web Browser Extension for Page Analysis
Navrátil, Rostislav ; Křivka, Zbyněk (referee) ; Burget, Radek (advisor)
The purpose of this thesis is to create a WebExtensions oriented module for a web browser. An extension module allows the user to submit details about the currently displayed web page and text content to a server application for thorough analysis and displaying the result. It is built on ExtensionAPIs, but is also supported in WebExtensions based web browsers. The communication between the extension module and the server is realized by XMLHttpRequest and the server application itself is implemented in PHP.
|
|
|
Detection of Suspicious Requests Made by Web Pages
Pohner, Pavel ; Burget, Radek (referee) ; Polčák, Libor (advisor)
The purpose of this thesis is to prevent websites located in public internet from accessing user's internal network through web browser. Acquired knowdledge about modern browser's security mechanism - same-origin policy and options of implementing the web browser extensions using WebExtensions, was used in the solution. Proposed solution is based on WebRequest API, which intercepts and modifies HTTP requests, and extends functionality of existing browser extension JavaScript Restrictor with the ability to detect and prevent the browser to be abused as a proxy for scanning and accessing user's internal network. The implemented solution was tested and accepted as a part of JavaScript Restrictor. The main benefit of this thesis is the protection from possible abusement of a web browser as a proxy, which is not present in existing extensions.
|
|
|
Transparency and Consent Framework Data Listing and Editing
Postulka, Aleš ; Malinka, Kamil (referee) ; Polčák, Libor (advisor)
This thesis deals with the development of multilingual for web browsers Mozilla Firefox and Google Chrome. The purpose of the extension is to enable the automated management of provided consents to the processing of personal data on websites using the Transparency and Consent Framework. Extension was developed on the basis of knowledge about this framework and about legal norms GDPR and ePrivacy Directive, which deal with the protection of personal data. Knowledge of the method of developing extensions for web browsers using WebExtensions was also used during the implementation. During testing, consent was successfully enforced in 96,2 % of tested websites in Mozilla Firefox. In Google Chrome, success has been achieved in 82,1 % of tested websites. The banner requiring consent was not displayed in 33 % of websites in Mozilla Firefox and in 31,1 % of websites in Google Chrome.
|
|
|
Privacy-Preserving Web Browser Extension
Červinka, Zbyněk ; Lichtner, Ondrej (referee) ; Polčák, Libor (advisor)
This thesis deals with security, privacy, and anonymity on the internet. In this thesis are described tracking mechanisms and approaches that are being used to collect and send away users' personal information. Information that leaks using this tracking approaches can be used to identify user, to monitor and analyze his behavior on specific web pages and several leaked pieces of information can be misused (for example the leaked credit card number or password). In this thesis is described and tested the functionality and reliability of several current web add-ons providing the protection on the internet. New security increasing web add-on has been designed and developed to demonstrate a technique, that redefines and wraps the original JavaScript implementation of several functions and objects, the wrapping is executed before the visited web page starts processing the source code. Running the wrapping code at this time will ensure, that no other code in loaded web page will ever have access to the original implementation. This add-on is also well-tested. The final thesis' stage provides a great amount of possibilities to improve implemented add-on.
|
|
|
Transparency and Consent Framework Data Listing and Editing
Postulka, Aleš ; Malinka, Kamil (referee) ; Polčák, Libor (advisor)
This thesis deals with the development of multilingual for web browsers Mozilla Firefox and Google Chrome. The purpose of the extension is to enable the automated management of provided consents to the processing of personal data on websites using the Transparency and Consent Framework. Extension was developed on the basis of knowledge about this framework and about legal norms GDPR and ePrivacy Directive, which deal with the protection of personal data. Knowledge of the method of developing extensions for web browsers using WebExtensions was also used during the implementation. During testing, consent was successfully enforced in 96,2 % of tested websites in Mozilla Firefox. In Google Chrome, success has been achieved in 82,1 % of tested websites. The banner requiring consent was not displayed in 33 % of websites in Mozilla Firefox and in 31,1 % of websites in Google Chrome.
|
|
|
Detection of Suspicious Requests Made by Web Pages
Pohner, Pavel ; Burget, Radek (referee) ; Polčák, Libor (advisor)
The purpose of this thesis is to prevent websites located in public internet from accessing user's internal network through web browser. Acquired knowdledge about modern browser's security mechanism - same-origin policy and options of implementing the web browser extensions using WebExtensions, was used in the solution. Proposed solution is based on WebRequest API, which intercepts and modifies HTTP requests, and extends functionality of existing browser extension JavaScript Restrictor with the ability to detect and prevent the browser to be abused as a proxy for scanning and accessing user's internal network. The implemented solution was tested and accepted as a part of JavaScript Restrictor. The main benefit of this thesis is the protection from possible abusement of a web browser as a proxy, which is not present in existing extensions.
|
|
|
Web Browser Extension for Page Analysis
Navrátil, Rostislav ; Křivka, Zbyněk (referee) ; Burget, Radek (advisor)
The purpose of this thesis is to create a WebExtensions oriented module for a web browser. An extension module allows the user to submit details about the currently displayed web page and text content to a server application for thorough analysis and displaying the result. It is built on ExtensionAPIs, but is also supported in WebExtensions based web browsers. The communication between the extension module and the server is realized by XMLHttpRequest and the server application itself is implemented in PHP.
|
|
|
Privacy-Preserving Web Browser Extension
Červinka, Zbyněk ; Lichtner, Ondrej (referee) ; Polčák, Libor (advisor)
This thesis deals with security, privacy, and anonymity on the internet. In this thesis are described tracking mechanisms and approaches that are being used to collect and send away users' personal information. Information that leaks using this tracking approaches can be used to identify user, to monitor and analyze his behavior on specific web pages and several leaked pieces of information can be misused (for example the leaked credit card number or password). In this thesis is described and tested the functionality and reliability of several current web add-ons providing the protection on the internet. New security increasing web add-on has been designed and developed to demonstrate a technique, that redefines and wraps the original JavaScript implementation of several functions and objects, the wrapping is executed before the visited web page starts processing the source code. Running the wrapping code at this time will ensure, that no other code in loaded web page will ever have access to the original implementation. This add-on is also well-tested. The final thesis' stage provides a great amount of possibilities to improve implemented add-on.
|
guest ::
