Questions tagged [web-browser]
A web browser is an application which uses HTTP and related protocols to retrieve HTML and XML data from servers. As the web has become a critical source of information and communication, web browsers have become a critical component in information request, transfer and management.
1,663
questions
1
vote
0
answers
50
views
Is this code attempting to identify individual computers? [closed]
The bbc news home page is directing some users to download and run some javascript from a data collection company. This collects many hardware and device identifiers, as their privacy policy ...
- 289
0
votes
1
answer
57
views
What the reasoning behind block specific ports like 10080 on internet browsers
Context:
For security reasons I am running k3s kubernetes in rootless mode. That requires me to use ports over 10000 so I have choose the port 10080 to listen as web-server. To my surprise, my browser ...
- 101
6
votes
1
answer
154
views
Do browsers like FireFox, Chrome, Opera, and Tor store TLS 1.3 session tickets on the disk?
Do browsers save TLS 1.3 session tickets on the disk to resume a TLS session after the browser process has been killed and restarted?
Are there any glaring security risks of caching TLS 1.3 session ...
- 61
7
votes
4
answers
4k
views
Should order numbers be guessable?
We wrote a e-commerce system where we were asked to generate orders based on a format provided to us
The format was extremely simple which was today's date with total number of orders in the database +...
- 73
0
votes
0
answers
60
views
Tabnabbing, adblocking and web browser security
My question regards tabnabbing and how to block it. I will first describe my understanding of the subject, but I'm no expert, so this introduction is meant for you to correct me if applicable.
Here is ...
- 19
0
votes
0
answers
43
views
How to allow users to securely use their private key to decrypt data in the browser [duplicate]
I'm working on an application where encrypted data can be stored on the server. Users can do this by obtaining public keys from the server, and use them to encrypt data locally before sending it to ...
- 1
0
votes
1
answer
88
views
(Advanced) client-side session handling in browser
Is there a way (maybe via browser extensions) to make sessions forcefully expire after a while, even if the server side is set for longer durations?
e.g. you authenticate to example.com and it starts ...
- 193
5
votes
1
answer
892
views
What are the reasons for CORS failure errors to not be available to JS?
From Cross-Origin Resource Sharing (CORS) - HTTP | MDN:
CORS failures result in errors but for security reasons, specifics about the error are not available to JavaScript. All the code knows is that ...
- 1,591
0
votes
0
answers
33
views
Is my home network infected? [duplicate]
Today, my family brought me a quite old laptop (it had Windows 7 Enterprise from around 2009). When I tried to turn it on, it was already complicated because I got a black screen with options, but the ...
- 1
21
votes
6
answers
11k
views
Are Cyrillic characters a real threat?
I've seen people in security saying URLs with Cyrillic characters are dangerous. If you ever type such characters on a browser you'd see they break into crazy unrecognizable URLs that have nothing to ...
- 363
0
votes
1
answer
88
views
How can the Beef Tool be used? [closed]
Can the hijacked browser's history and saved information be viewed?
Is it possible to create a backdoor in the browser? In other words, can it be secretly redirected to any site or downloaded and ...
- 1
2
votes
1
answer
161
views
Securely storing derived key in web app and handling user identity
I am currently working on an open source project to securely store notes, payment card numbers, etc. I would like to implement a zero knowledge encryption method so that no one but the user can ...
- 23
13
votes
3
answers
7k
views
Why are iframes allowed by default?
Clickjacking is still very possible in 2024, because iframe embedding is allowed by default. Why is this the case?
In 2013 there was a question about why iframes exist at all (Why are iframes allowed ...
- 238
0
votes
1
answer
136
views
Does enabling hardware acceleration increase the attack surface of software?
For software that process untrusted data and have an option to use hardware acceleration, does enabling hardware acceleration increase the attack surface of the software? Examples of situations where ...
- 923
1
vote
2
answers
378
views
How to determine which Chrome extension is re-directing me to ad sites
Twice now, seemingly randomly, I've been redirected to an ad site.
I believe it has occurred both times when I have a new tab open, type what I'm searching for (Google is my default search engine), ...
- 11