Skip to main content
SpringerLink
Log in
Book cover

International Workshop on Security Protocols

Security Protocols 2008: Security Protocols XVI pp 84–85Cite as

Problems with Same Origin Policy

Know Thyself

  • Conference paper

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 6615))

Abstract

In the tradition of distributed systems security, access control equals authentication and authorisation, where obtaining the source of the request is called ‘authentication’ [4]. In web applications, the source of a web page is a host known by a DNS name. Web browsers attempt to enforce same origin policies on scripts executing within a web page or on the dissemination of HTTP cookies.

This is a preview of subscription content, log in via an institution.

Chapter
USD   29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD   54.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD   69.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Learn about institutional subscriptions

References

  1. Burns, J.: Cross site reference forgery. Technical report, Information Security Partners, LLC (2005) (Version 1.1)

    Google Scholar 

  2. CERT Coordination Center. Malicious HTML tags embedded in client web requests (2000), http://www.cert.org/advisories/CA-2000-02.html

  3. Johns, M., Winter, J.: RequestRodeo: Client side protection against session riding. In: Piessens, F. (ed.) Proceedings of the OWASP Europe 2006 Conference, Departement Computerwetenschappen, Katholieke Universiteit Leuven, Report CW448, pp. 5–17 (May 2006)

    Google Scholar 

  4. Lampson, B., Abadi, M., Burrows, M., Wobber, E.: Authentication in distributed systems: Theory and practice. ACM Transactions on Computer Systems 10(4), 265–310 (1992)

    Article  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Hamburg University of Technology, Hamburg, Germany

    Dieter Gollmann

Authors
  1. Dieter Gollmann
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Computer Science Department, University of Hertfordshire, AL10 9AB, Hatfield, UK

    Bruce Christianson , James A. Malcolm  & Michael Roe ,  & 

  2. Faculty of Informatics, Masaryk University, Botanicka 68a, 602 00, Brno, Czech Republic

    Vashek Matyas

Rights and permissions

Reprints and permissions

Copyright information

© 2011 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Gollmann, D. (2011). Problems with Same Origin Policy. In: Christianson, B., Malcolm, J.A., Matyas, V., Roe, M. (eds) Security Protocols XVI. Security Protocols 2008. Lecture Notes in Computer Science, vol 6615. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-22137-8_11

Download citation

  • DOI: https://doi.org/10.1007/978-3-642-22137-8_11

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-22136-1

  • Online ISBN: 978-3-642-22137-8

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation