Show Notes & Links
- Our OWASP Top 10 episode
- Operation Aurora
- The Snowden revelations
- Let’s Encrypt
- Hot Pixels Attack
- Malicious code in Chrome extensions
- The Safe Browsing API
- Ungoogled Chromium
- Browser fingerprinting
- New browser threat model after Spectre, Meltdown & co.
- Cross-Origin Read Blocking
- Cross-Origin Resource Sharing (CORS)
- Why Cross-Origin Isolated (CORP/COOP/COEP), and how
- Same-Origin Policy
- SameSite Cookies
- Permissions-Policy and the Permissions API
- The Sec-Fetch-* headers
- OWASP security header cheat sheet
- HSTS Preload