English
Related papers

Related papers: On the Integrity of Cross-Origin JavaScripts

200 papers

Today, third-party JavaScript resources are indispensable part of the web platform. More than 88% of world's top websites include at least one JavaScript resource from a remote host. However, there is a great security risk behind using a…

Cryptography and Security · Computer Science 2019-02-11 Kousha Nakhaei , Ebrahim Ansari , Fateme Ansari

Web developers routinely rely on third-party Java-Script libraries such as jQuery to enhance the functionality of their sites. However, if not properly maintained, such dependencies can create attack vectors allowing a site to be…

Cryptography and Security · Computer Science 2020-02-17 Tobias Lauinger , Abdelberi Chaabane , Sajjad Arshad , William Robertson , Christo Wilson , Engin Kirda

The Web is a tangled mass of interconnected services, where websites import a range of external resources from various third-party domains. However, the latter can further load resources hosted on other domains. For each website, this…

Cryptography and Security · Computer Science 2019-02-19 Muhammad Ikram , Rahat Masood , Gareth Tyson , Mohamed Ali Kaafar , Noha Loizon , Roya Ensafi

In the standard web browser programming model, third-party scripts included in an application execute with the same privilege as the application's own code. This leaves the application's confidential data vulnerable to theft and leakage by…

Cryptography and Security · Computer Science 2023-05-09 Abhishek Bichhawat , Vineet Rajani , Jinank Jain , Deepak Garg , Christian Hammer

JavaScript, a scripting language employed to augment the capabilities of web browsers within web pages or browser extensions, utilizes code segments termed JavaScript inclusions. While the security aspects of JavaScript inclusions in web…

Cryptography and Security · Computer Science 2025-05-27 Chong Guan

Modern browsers implement different security policies such as the Content Security Policy (CSP), a mechanism designed to mitigate popular web vulnerabilities, and the Same Origin Policy (SOP), a mechanism that governs interactions between…

Cryptography and Security · Computer Science 2017-03-23 Dolière Francis Somé , Nataliia Bielova , Tamara Rezk

In this paper, we address an unsolved problem in the real world: how to ensure the integrity of the web content in a browser in the presence of malicious browser extensions? The problem of exposing confidential user credentials to malicious…

Cryptography and Security · Computer Science 2019-05-31 Ehsan Toreini , Maryam Mehrnezhad , Siamak F. Shahandashti , Feng Hao

TypeScript is a quickly evolving superset of JavaScript with active development of new features. Our paper seeks to understand how quickly these features are adopted by the developer community. Existing work in JavaScript shows the adoption…

Software Engineering · Computer Science 2023-03-20 Joshua D. Scarsbrook , Mark Utting , Ryan K. L. Ko

Many websites import large JavaScript (JS) libraries to customize and enhance user experiences. Our data shows that many JS libraries are only partially utilized during a page load, and therefore, contain superfluous code that is never…

Networking and Internet Architecture · Computer Science 2020-03-18 Utkarsh Goel , Moritz Steiner

Context: Code coverage is widely used as a software quality assurance measure. However, its effect, and specifically the advisable dose, are disputed in both the research and engineering communities. Prior work reports only correlational…

Software Engineering · Computer Science 2026-02-04 Lukas Schulte , Gordon Fraser , Steffen Herbold

As third-party cookies are being phased out or restricted by major browsers, first-party cookies are increasingly repurposed for tracking. Prior work has shown that third-party scripts embedded in the main frame can access and exfiltrate…

Cryptography and Security · Computer Science 2025-10-02 Pouneh Nikkhah Bahrami , Aurore Fass , Zubair Shafiq

Vulnerabilities in private networks are difficult to detect for attackers outside of the network. While there are known methods for port scanning internal hosts that work by luring unwitting internal users to an external web page that hosts…

Cryptography and Security · Computer Science 2020-04-03 Christian Dresen , Fabian Ising , Damian Poddebniak , Tobias Kappert , Thorsten Holz , Sebastian Schinzel

In late 2017, a sudden proliferation of malicious JavaScript was reported on the Web: browser-based mining exploited the CPU time of website visitors to mine the cryptocurrency Monero. Several studies measured the deployment of such code…

Modern websites heavily rely on JavaScript (JS) to implement legitimate functionality as well as privacy-invasive advertising and tracking. Browser extensions such as NoScript block any script not loaded by a trusted list of endpoints, thus…

Cryptography and Security · Computer Science 2023-03-27 Abdul Haddi Amjad , Zubair Shafiq , Muhammad Ali Gulzar

Modern single page web applications require client-side executions of application logic, including critical functionality such as client-side cryptography. Existing mechanisms such as TLS and Subresource Integrity secure the communication…

Cryptography and Security · Computer Science 2024-10-23 Echo Meißner , Frank Kargl , Benjamin Erb

Zero-day vulnerabilities can be accidentally or maliciously placed in code and can remain in place for years. In this study, we address an aspect of their longevity by considering the likelihood that they will be discovered in the code…

Cryptography and Security · Computer Science 2018-09-03 Andrew J. Lohn

Web applications often include third-party content and scripts to personalize a user's online experience. These scripts have unrestricted access to a user's private data stored in the browser's persistent storage like cookies, localstorage…

Cryptography and Security · Computer Science 2024-11-26 Gayatri Priyadarsini Kancherla , Dishank Goel , Abhishek Bichhawat

Despite the pervasiveness of Internet censorship, we have scant data on its extent, mechanisms, and evolution. Measuring censorship is challenging: it requires continual measurement of reachability to many target sites from diverse vantage…

Networking and Internet Architecture · Computer Science 2015-07-21 Sam Burnett , Nick Feamster

Searching accounts for one of the most frequently performed computations over the Internet as well as one of the most important applications of outsourced computing, producing results that critically affect users' decision-making behaviors.…

Web applications are becoming truly pervasive in all kinds of business models and organizations. Today, most critical systems such as those related to health care, banking, or even emergency response, are relying on these applications. They…

Cryptography and Security · Computer Science 2009-06-01 Joaquin Garcia-Alfaro , Guillermo Navarro-Arribas
‹ Prev 1 2 3 10 Next ›