|
|
Detection of Suspicious Requests Made by Web Pages
Pohner, Pavel ; Burget, Radek (referee) ; Polčák, Libor (advisor)
The purpose of this thesis is to prevent websites located in public internet from accessing user's internal network through web browser. Acquired knowdledge about modern browser's security mechanism - same-origin policy and options of implementing the web browser extensions using WebExtensions, was used in the solution. Proposed solution is based on WebRequest API, which intercepts and modifies HTTP requests, and extends functionality of existing browser extension JavaScript Restrictor with the ability to detect and prevent the browser to be abused as a proxy for scanning and accessing user's internal network. The implemented solution was tested and accepted as a part of JavaScript Restrictor. The main benefit of this thesis is the protection from possible abusement of a web browser as a proxy, which is not present in existing extensions.
|
|
|
FormLock for JavaScript Restrictor
Szabó, Matyáš ; Bednář, Martin (referee) ; Polčák, Libor (advisor)
This thesis focuses on protecting personally identifiable information (PII) during filling and submitting of web forms. Formlock, a prototype trying to resolve the PII leakage caused by forms by warning the user about the potentially malicious web forms and giving them an option to try and prevent the leak, is tested and then it's defensive capabilities are improved and integrated into Javascript Restrictor. Lastly, the new and integrated measures are tested and their possible future improvements are evaluated.
|
|
|
FormLock for JavaScript Restrictor
Szabó, Matyáš ; Bednář, Martin (referee) ; Polčák, Libor (advisor)
This thesis focuses on protecting personally identifiable information (PII) during filling and submitting of web forms. Formlock, a prototype trying to resolve the PII leakage caused by forms by warning the user about the potentially malicious web forms and giving them an option to try and prevent the leak, is tested and then it's defensive capabilities are improved and integrated into Javascript Restrictor. Lastly, the new and integrated measures are tested and their possible future improvements are evaluated.
|
|
|
Detection of Suspicious Requests Made by Web Pages
Pohner, Pavel ; Burget, Radek (referee) ; Polčák, Libor (advisor)
The purpose of this thesis is to prevent websites located in public internet from accessing user's internal network through web browser. Acquired knowdledge about modern browser's security mechanism - same-origin policy and options of implementing the web browser extensions using WebExtensions, was used in the solution. Proposed solution is based on WebRequest API, which intercepts and modifies HTTP requests, and extends functionality of existing browser extension JavaScript Restrictor with the ability to detect and prevent the browser to be abused as a proxy for scanning and accessing user's internal network. The implemented solution was tested and accepted as a part of JavaScript Restrictor. The main benefit of this thesis is the protection from possible abusement of a web browser as a proxy, which is not present in existing extensions.
|
guest ::
