DOCSLIB.ORG

A Revised Guide to Building Secure Web Applications and Web Services

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
A Revised Guide to Building Secure Web Applications and Web Services A Revised Guide to Building Secure Web Applications and Web Services 2.1.0 OWASP/vgr Edition January 10, 2010 Copyright © 2010 VGR www.edainworks.com as a Derived Work from OWASP Guide 2.0.1 BlackHat++ edition © 2002-2005 the Open Web Application Security Project (OWASP). All Rights Reserved. Permission is granted to copy, distribute, and/or modify this document provided this copyright notice and attribution to OWASP is retained. 1. Frontispiece 1. Frontispiece Dedication Je dédie cette version à tous les développeurs ouaibe qui attendaient depuis 2005 une révision du Guide OWASP 2.0 . I dedicate this version to all the Web Developers which waited since 2005 for a revision of the OWASP 2.0 Guide. VGR, January 2010 Copyright and license © 2010 VGR for some corrections, all other parts © 2001 – 2005 Free Software Foundation The Guide is licensed under the Free Documentation License, a copy of which is found in the Appendix. PERMISSION IS GRANTED TO COPY, DISTRIBUTE, AND/OR MODIFY THIS DOCUMENT PROVIDED THIS COPYRIGHT NOTICE AND ATTRIBUTION TO OWASP IS RETAINED. Editors The Guide has had several editors, all of whom have contributed immensely as authors, project managers, and editors over the lengthy period of the Guide’s gestation Adrian Wiesmann Mark Curphey Andrew van der Stock Ray Stirbei Vincent « Hefiz »Graux [VGR] Authors and Reviewers The Guide would not be where it is today without the generous gift of volunteer time and effort from many individuals. If you are one of them, and not on this list, please contact VGR, [email protected] 1 / 314 1. Frontispiece Abraham Kang Eoin Keary Mikael Simonsson Adrian Wiesmann Ernesto Arroyo Neal Krawetz Alex Russell Frank Lemmon Nigel Tranter Amit Klein Gene McKenna Raoul Endres Andrew van der Stock Hal Lockhart Ray Stirbei Brian Greidanus Izhar By-Gad Richard Parke Christopher Todd Jeremy Poteet Robert Hansen Darrel Grundy José Pedro Arroyo Roy McNamara David Endler K.K. Mookhey Steve Taylor Denis Piliptchouk Kevin McLaughlin Sverre Huseby Dennis Groves Mark Curphey Tim Smith Derek Browne Martin Eizner Vincent «Hefiz» Graux Michael Howard William Hau Revision History Date Version Pages Notes July 27, 2005 2.0.1 Blackhat Edition++ 293 pages Cryptography chapter review from Michael Howard incorporated December 31, 2009 2.0.1 Blackhat Edition++ 290 pages VGR, www.edainworks.com, from the official PDF version. No changes except two typos. ISO 26300:2006 Open Document Format version (807 KB) January 02, 2010 2.1.0 OWASP/vgr 314 pages •Typos and Errors fixes and PHP code review for all sections. •Ajax and Deployment sections added from CVS. •« PHP Guidelines » section deleted. •References were updated (eg, ISO 17799 updated to 27002). •State of the Art was updated as of 2009 year end. •Empty and unfinished paragraphs deleted (hidden text). •Sections and paragraphs were numbered to provide a stable reference. VGR www.edainworks.com ISO 26300:2006 Open Document Format version (2242 KB) 2 / 314 1. Frontispiece Table Of Contents 1. FRONTISPIECE....................................................................................................................................................1 DEDICATION.....................................................................................................................................................1 COPYRIGHT AND LICENSE.....................................................................................................................................1 EDITORS.........................................................................................................................................................1 AUTHORS AND REVIEWERS..................................................................................................................................1 REVISION HISTORY............................................................................................................................................2 2. ABOUT THE OPEN WEB APPLICATION SECURITY PROJECT........................................................................................10 2.1 STRUCTURE AND LICENSING.........................................................................................................................10 2.2 PARTICIPATION AND MEMBERSHIP...................................................................................................................10 2.3 PROJECTS................................................................................................................................................11 3. INTRODUCTION.................................................................................................................................................12 4. WHAT ARE WEB APPLICATIONS?...........................................................................................................................14 4.1 OVERVIEW...............................................................................................................................................14 4.2 TECHNOLOGIES.........................................................................................................................................14 5. POLICY FRAMEWORKS.......................................................................................................................................28 5.1 OVERVIEW...............................................................................................................................................28 5.2 ORGANIZATIONAL COMMITMENT TO SECURITY.....................................................................................................28 5.3 OWASP’S PLACE AT THE FRAMEWORK TABLE.................................................................................................29 5.7 DEVELOPMENT METHODOLOGY.....................................................................................................................32 5.8 CODING STANDARDS..................................................................................................................................32 5.9 SOURCE CODE CONTROL............................................................................................................................33 6. SECURE CODING PRINCIPLES..............................................................................................................................34 6.1 OVERVIEW...............................................................................................................................................34 6.2 ASSET CLASSIFICATION...............................................................................................................................34 6.3 ABOUT ATTACKERS.....................................................................................................................................34 6.4 CORE PILLARS OF INFORMATION SECURITY........................................................................................................35 SECURITY ARCHITECTURE..................................................................................................................................35 6.5 SECURITY PRINCIPLES................................................................................................................................36 7. THREAT RISK MODELING...................................................................................................................................41 7.1 THREAT RISK MODELING USING THE MICROSOFT THREAT MODELING PROCESS........................................................41 7.2 PERFORMING THREAT RISK MODELING..............................................................................................................41 7.2 ALTERNATIVE THREAT MODELING SYSTEMS......................................................................................................48 COMPARING THREAT MODELING APPROACHES..........................................................................................................52 7.3 CONCLUSION............................................................................................................................................54 7.4 FURTHER READING....................................................................................................................................54 8. HANDLING E-COMMERCE PAYMENTS.....................................................................................................................55 8.1 OBJECTIVES.............................................................................................................................................55 8.2 COMPLIANCE AND LAWS..............................................................................................................................55 8.3 PCI COMPLIANCE.....................................................................................................................................55 8.4 HANDLING CREDIT CARDS...........................................................................................................................56 8.5 FURTHER READING....................................................................................................................................61 9. PHISHING.......................................................................................................................................................62 9.1 WHAT IS PHISHING?...................................................................................................................................62
Load more

Recommended publications
  • NIST SP 800-28 Version 2 Guidelines on Active Content and Mobile
    Special Publication 800-28 Version 2 (Draft) Guidelines on Active Content and Mobile Code Recommendations of the National Institute of Standards and Technology Wayne A. Jansen Theodore Winograd Karen Scarfone NIST Special Publication 800-28 Guidelines on Active Content and Mobile Version 2 Code (Draft) Recommendations of the National Institute of Standards and Technology Wayne A. Jansen Theodore Winograd Karen Scarfone C O M P U T E R S E C U R I T Y Computer Security Division Information Technology Laboratory National Institute of Standards and Technology Gaithersburg, MD 20899-8930 March 2008 U.S. Department of Commerce Carlos M. Gutierrez, Secretary National Institute of Standards and Technology James M. Turner, Acting Director GUIDELINES ON ACTIVE CONTENT AND MOBILE CODE Reports on Computer Systems Technology The Information Technology Laboratory (ITL) at the National Institute of Standards and Technology (NIST) promotes the U.S. economy and public welfare by providing technical leadership for the nation’s measurement and standards infrastructure. ITL develops tests, test methods, reference data, proof of concept implementations, and technical analysis to advance the development and productive use of information technology. ITL’s responsibilities include the development of technical, physical, administrative, and management standards and guidelines for the cost-effective security and privacy of sensitive unclassified information in Federal computer systems. This Special Publication 800-series reports on ITL’s research, guidance, and outreach efforts in computer security and its collaborative activities with industry, government, and academic organizations. National Institute of Standards and Technology Special Publication 800-28 Version 2 Natl. Inst. Stand. Technol. Spec. Publ.
    [Show full text]
  • Firefox 與網路瀏覽器發展簡史 網際網路在現今的生活中已不可或缺,讓我們回溯 1993 年網路黎明時期, the History of Firefox and Web Browsers 透過最常接觸的瀏覽器其進化歷程,來逐步回顧網際網路發展的歷史。
    Firefox 與網路瀏覽器發展簡史 網際網路在現今的生活中已不可或缺,讓我們回溯 1993 年網路黎明時期, The History of Firefox and Web Browsers 透過最常接觸的瀏覽器其進化歷程,來逐步回顧網際網路發展的歷史。 NCSA 發行 Marc Andreessen 等人 NCSA Mosaic 離開 ‧Mosaic 席捲瀏覽器 開發出 Mosaic 瀏覽器 市場 ‧台灣 最 初 的 WWW Server 出現 提供授權 發行 Mosaic Spyglass Spyglass Mosaic Communications 取得 Mosaic 授權 .W3C 成立 由 Marc Andreessen Microsoft Apple .Netscape Navigator 及 James Clark 共同 席捲瀏覽器市場 設立 發行 提供授權 分頁瀏覽功能的原型 .Yahoo! JP上線 .台灣首家 ISP 新絲 取得 Mosaic Opera 路成立、Hinet 成立 Netscape Navigator 1.0 Mozilla Classic 授權 Software .教育部 TWNIC 計畫 開發代號「Mozilla」 發行 開始 發行 Windows 95 開始支援 JavaScript Internet Explorer 1.0 發行 ‧Java 登場 因 NCSA 抗議 發展 ‧網路使用者遽增 而變更公司名稱 MultiTorg Opera 1.0 ‧蕃薯藤成立 日本分公司成立 Internet Explorer 2.0 Netscape Navigator 2.0 ‧瀏覽器大戰白熱化 發展 整合 Mail、Composer ‧公佈 CSS1 建議書 郵件及網頁編輯功能 部份支援 JScript、VBScript Opera 2.0 Netscape Navigator 3.0 Netscape Navigator 3.0 及 CSS 草案 Standard Edition Gold Edition 支援 CSS、DHTML Internet Explorer 3.0 加強國際化支援 KDE Netscape Communicator 4.0 CSS、DHTML Project ‧公佈 HTML4.0 建議 精誠公司代理 KDE HTML 書 Netscape Trident 發展 widget ‧精誠公司成立 Kimo 進入台灣市場 開始開發 Internet Explorer 4.0 Windows 98 奇摩站 發行 免費散佈 NC4.x 整合 IE 4.0 開發中的 NC5.0 Netscape Communicator 5.0 ‧IE 獲得壓倒性優勢 開放原始碼化 ‧CSS2、XML1.0、 繼承部份程式碼 Opera 3.0 發行 和設計概念 支援 Ruby Text DOM 1 建議書公佈 放棄 文字顯示 KHTML ‧SEEDNet、蕃薯藤公 加入 Mail 功能 公開 司化 Mozilla Application Suite Gecko Internet Explorer 5.0 Google [Milestone 3~18] 高度支援網頁 ‧台灣上網人口突 破 開發代號「Seamonkey」 標準的成像技術 四百萬 支援文字直排 由 Netscape 的 全 發展 Windows 職員工和 Netscape 2000 發行 ‧瀏覽器大戰結束 開始中文化專案台灣志願者Communications Mozilla Application Suite 0.6 Internet Explorer 5.5 Opera
    [Show full text]
  • Web Standards.Pdf
    BOOKS FOR PROFESSIONALS BY PROFESSIONALS® Sikos, Ph.D. RELATED Web Standards Web Standards: Mastering HTML5, CSS3, and XML gives you a deep understand- ing of how web standards can be applied to improve your website. You will also find solutions to some of the most common website problems. You will learn how to create fully standards-compliant websites and provide search engine-optimized Web documents with faster download times, accurate rendering, lower development costs, and easy maintenance. Web Standards: Mastering HTML5, CSS3, and XML describes how you can make the most of web standards, through technology discussions as well as practical sam- ple code. As a web developer, you’ll have seen problems with inconsistent appearance and behavior of the same site in different browsers. Web standards can and should be used to completely eliminate these problems. With Web Standards, you’ll learn how to: • Hand code valid markup, styles, and news feeds • Provide meaningful semantics and machine-readable metadata • Restrict markup to semantics and provide reliable layout • Achieve full standards compliance Web standardization is not a sacrifice! By using this book, we can create and maintain a better, well-formed Web for everyone. CSS3, and XML CSS3, Mastering HTML5, US $49.99 Shelve in Web Development/General User level: Intermediate–Advanced SOURCE CODE ONLINE www.apress.com www.it-ebooks.info For your convenience Apress has placed some of the front matter material after the index. Please use the Bookmarks and Contents at a Glance links to access them. www.it-ebooks.info Contents at a Glance About the Author................................................................................................
    [Show full text]
  • Web Browsers Namely Mozilla Firefox, Internet Explorer, Google Chrome, Opera
    12 ABSTRACT Web browser is the most commonly used client applicationWeb and speedBrowsers and efficiency of our online work depends on browser to a great extent. As the market is flooding with new browsers there is a lot of confusion in everyone’s mind as to which is the best browser.Our project aims to answer this question. We have done a comparative study of the four most popular web browsers namely Mozilla Firefox, Internet Explorer, Google Chrome, Opera. In the first phase of our project v arious comparison parameters are selected which can be broadly cat egorized into -General Features, Security features and browser extensibility features. Using the selected benchmarking tools each browser is tested. We have also use our own test scripts for some parameters .Depending on the performance of the browser points are assignedSubmitted to each browser by .Public opinion is considered for usability issue and finally we have come to a conclusion t hat opera and firefox are leading the browser war. firefox has finished first scoring 49.84 and opera has scored the next highest 48.90 Our other contributions include a K-chromium browserAmogh ,addon Kulkarni for firefox and (05CO05) scripts showing the major browser attacks. Jaison Salu John (05CO29) The report gives details of work done by our team from Jan 6 th 2008 till March 29 th 2008. Yohan John Thampi (05CO67) Shravan Udaykumar (05CO59) I. INTRODUCTION Gaurav Prasad(08IS03F) The World Wide Web has come a long way in itsVrinda short existence. Halarnkar Without it, (08IS04F) many people wouldn’t know what to do with their day.
    [Show full text]
  • Seamonkey Download Mac
    Seamonkey Download Mac Seamonkey Download Mac 1 / 4 2 / 4 Download Seamonkey For Windows 7Seamonkey Download For MacSee Full List On Seamonkey-project. 1. seamonkey 2. seamonkey animal 3. seamonkey download Indeed, I ran a business based around producing a suite of software that got users on to the net with ease.. In reality, Mozilla says that the SeaMonkey's browser functionality is powered by the same engine that is implemented in Firefox 2.. This is a community project, which includes many features from standalone programs or Firefox extensions.. One particular suite, Turnpike, was sold to Demon Internet, for millions of pounds, before Microsoft started to take the Internet more seriously (read: build apps into the operating system).. Internet suites became somewhat redundant and the Internet was dominated by one browser and one key developer. seamonkey seamonkey, seamonkey animal, seamonkey download, seamonkey kopen, seamonkey pet, seamonkey composer, seamonkey vs firefox, seamonkey vs thunderbird, sea monkey kit, sea monkey food, seamonkey browser Brawl Busters Ph Manual Patch Download Verdict:Interesting suite of Internet software, which could be useful for some novice users, but it's up to you whether you want an integrated suite or notDownload seamonkey mac, seamonkey mac, seamonkey mac download free.. Download Seamonkey Browser For MacSeamonkey Download Win 7Back in the late 90s, the rage was to make Internet software as easy to use as possible. Setup Bluetooth Audio Windows 10 Annonymox download free seamonkey animal S3gnbm.sys Drivers For Mac The Acid2 test agrees. Mozilla SeaMonkey for Mac 2 53 3: Get all the Internet tools you'll need within one integrated suite The Finest Hand-Selected Downloads Individually reviewed & tested.
    [Show full text]
  • EMBEDDING HTML5 with the SERVO BROWSER ENGINE Lars Bergstrom Mike Blumenkrantz Mozilla Research Samsung R&D America Why a New Web Engine?
    STEALING CHROMIUM: EMBEDDING HTML5 WITH THE SERVO BROWSER ENGINE Lars Bergstrom Mike Blumenkrantz Mozilla Research Samsung R&D America Why a new web engine? • Support new types of applications and new devices • All modern browser engines (Safari, Firefox, Chrome) originally designed pre-2000 • Coarse parallelism • Tightly coupled components • Vast majority of security issues are related to the C++ memory model Servo • Written in a memory-safe systems language, Rust • Architected for parallelism • Coarse (per-tab), as in Chrome • Lightweight (intra-page), too • Designed for embedding Rust - safe systems programming • C++ syntax and idioms • C++-like performance • Memory safety • Concurrency • Parallelism http://www.rust-lang.org Familiar syntax and performance Memory safety without overhead • Lifetimes and ownership ensure memory safety • No garbage collection • No reference counting • No C++ “smart” pointer classes Example of code you can’t write How a browser works HTML CSS JS Script Parsing Script & Interactions Flow DOM Display Tree Lists Layout Render More details: http://www.html5rocks.com/en/tutorials/internals/howbrowserswork/ How a browser works This works: HTML <html> CSS <script> JS Script document.write (“</script> <li>foo</li> </html> Parsing Script & Interactions Flow DOM Display Tree Lists Layout Render More details: http://www.html5rocks.com/en/tutorials/internals/howbrowserswork/ Timing breakdown Task Percentage Runtime libraries 25% Layout 22% Windowing 17% Script 16% Painting to screen 10% CSS styling 4% Other 6% Data
    [Show full text]
  • Switching to a Mac Guide You All the Way! Open the Book and Find
    spine=.816” Personal Computers/Macintosh ™ 2nd Edition Switching is almost as easy Making Everything Easier! as using a Mac, and we’ll 2nd Edition Switching to a Mac to Switching guide you all the way! Open the book and find: So you’ve decided to join the more intuitive, less virus- • How a Mac can simplify your life ® prone world of the Mac? Congratulations! This book tells • Special advice for seniors and you what to expect, how to choose a Mac (if you haven’t parents of young kids already), and how to make the switch a breeze. Discover all the cool preloaded software, how to make your Mac talk to • Tips on keeping your Mac updated and secure Switching to a Mac your iPhone™ and iPod®, and how to work the Mac way. • Ways to unleash your creativity • Meet the family — compare MacBooks and the Mac mini, iMac®, with photos, audio, and video and Mac Pro • How to configure your new Mac • I’m a Mac, and you’re leaving a PC — see what’s alike and what’s different, and learn to use Apple menus and the Finder • Help with switching specialized software to your Mac • Can I keep it? — find out what peripherals will still work with your Mac • Mac networking instructions • Moving day — transfer your files, address book, and content • How to get both WiFi and backup stored on other media capability by using Time Capsule® • Get connected — set up your Internet service and e-mail application, and connect to your printer and other peripherals ® • iLove all these apps — play, buy, and organize music with iTunes®; edit, sort, and share photos with iPhoto®;
    [Show full text]
  • Mozilla Firefox Project a Mozilla Alapítvány Egy Non-Profit Szervezet, Mely Támogatja És Fejleszti a Nyílt Forráskódú Mozilla Projectet
    Debreceni Egyetem Informatika Kar Modern böngészők a ma Világának A böngészők technológiai fejlődésének elemzése Témavezető: Készítette: Dr. Hajdu András Benkő Péter Egyetemi Adjunktus Gazdaságinformatikus (BSc) Debrecen 2010 Tartalomjegyzék BEVEZETÉS ...................................................................................................................... 3 1. A BÖNGÉSZŐK SZÜLETÉSE ...................................................................................... 6 1.1 AZ INTERNET HAJNALÁN ..................................................................................... 7 1.2 A BÖNGÉSZŐK KORÁNAK KEZDETE: MOSAIC ÉS NETSCAPE ................................... 9 2. A MICROSOFT URALOM ÉS AZ INTERNET EXPLORER SOROZAT ............... 11 2.1 INTERNET EXPLORER 1.0. .................................................................................. 12 2.2 INTERNET EXPLORER 2.0 .................................................................................... 13 2.3 INTERNET EXPLORER 3.0. .................................................................................. 13 2.4 A BÖNGÉSZŐ HÁBORÚ KEZDETE ......................................................................... 14 2.5 INTERNET EXPLORER 4.0. .................................................................................. 15 2.6 INTERNET EXPLORER 5.0. .................................................................................. 17 2.7 INTERNET EXPLORER 6.0. .................................................................................. 18 2.8 A MICROSOFT
    [Show full text]
  • Building Advanced, Offline Web Applications with HTML 5
    Building advanced, offline web applications with HTML 5 Robin Leblon Promotors prof. dr. ir. Frank Gielen (Ghent University) prof. dr. Albert Oliveras i Llunell (UPC-Barcelona Tech) Co-Promotor prof. dr. Enric Rodríguez Carbonell (UPC-Barcelona Tech) Master thesis made to obtain the academic degree of Master of Science : Computer Sciences (Software Engineering) UPC-Barcelona Tech Faculty of Informatics Department of Languages and Informatics Systems Chairman : Ana Ibañez Julia Academic year 2009-2010 Ghent University Faculty of Engineering Science Department of Information Technology Chairman : prof. dr. ir. Daniël De Zutter Academic year 2009-2010 Building advanced, offline web applications with HTML 5 Robin Leblon Promotors prof. dr. ir. Frank Gielen (Ghent University) prof. dr. Albert Oliveras i Llunell (UPC-Barcelona Tech) Co-Promotor prof. dr. Enric Rodríguez Carbonell (UPC-Barcelona Tech) Master thesis made to obtain the academic degree of Master of Science : Computer Sciences (Software Engineering) UPC-Barcelona Tech Faculty of Informatics Department of Languages and Informatics Systems Chairman : Ana Ibañez Julia Academic year 2009-2010 Ghent University Faculty of Engineering Science Department of Information Technology Chairman : prof. dr. ir. Daniël De Zutter Academic year 2009-2010 Preface i | Building advanced, offline web applications with HTML 5 Deze pagina is niet beschikbaar omdat ze persoonsgegevens bevat. Universiteitsbibliotheek Gent, 2021. This page is not available because it contains personal information. Ghent Universit , Librar , 2021. ABSTRACT Purpose This project tackles two typical problems of web applications: they (1) suffer a noticeable delay when fetching remote data, and (2) are unavailable when no working internet connection is available. Design/methodology/approach Firstly, a range of recently developed specifications (mostly part of HTML5), which aim to provide client-side storage by using a local browser database, are critically compared and tested.
    [Show full text]
  • Safari 3.1 Product Overview June 2008 Product Overview  Safari 3.1
    Safari 3.1 Product Overview June 2008 Product Overview Safari 3.1 Contents Page 3 Safari 3.1: The World’s Fastest Web Browser Key Features Page 5 Getting Started Page 6 Safari in Depth Blazing Performance Elegant User Interface Pioneering Web Standards Support Bookmarks Made Easy Tabbed Browsing Pop-up Blocking Find SnapBack Forms AutoFill Easy Updates Built-in RSS High-Fidelity Graphics and Fonts Private Browsing Security Page 15 Product Details Product Overview 3 Safari 3.1 Safari 3.1 The World’s Fastest Web Browser Experience the web, Apple-style, with Safari: the fastest, easiest-to-use web browser in the world. Included with every Mac, iPhone, and iPod Touch, Safari is now available for Windows PCs. The elegant user interface of Safari delivers an intuitive browsing experience with drag-and-drop bookmarks, easy-to-organize tabs, an integrated Find that clearly highlights what you’re looking for, and a built-in RSS reader to quickly scan the latest news and information. Safari is the first browser to support the new generation of innovative Internet video, audio, and animation standards designed to deliver groundbreaking web applications. And because Safari supports high-fidelity graphics, beautiful fonts, and popular media types, your favorite websites have never looked better. Like Mac OS X, Safari is based on a modern, high-performance foundation with the security features you need to protect your information and the integrity of your computer. It’s everything you would expect of a web browser from Apple. Key Features • Blazing performance. The fastest browser on any platform, Safari gets out of your way and lets you enjoy the web faster than any other browser.* • Elegant user interface.
    [Show full text]
  • Google Chrome 1 Google Chrome
    Google Chrome 1 Google Chrome Google Chrome Navegador web Google Chrome mostrando la portada de Wikipedia en español Desarrollador Google [1] • google.com/chrome [2] • googlechromereleases.blogspot.com Información general Lanzamiento inicial 2 de septiembre de 2008 [3] Última versión estable 21.0.1180.89 (info ) 30 de agosto de 2012 [4] Última versión en pruebas 21.0.1180.60 Beta (info ) 31 de julio de 2012 Para otras compilaciones de desarrollo (Dev y Canary), véase ↓Canales de distribución de Chrome Género Navegador web Programado en C++, Ensamblador Google Chrome 2 Sistema operativo • Microsoft Windows • (XP SP2 o posterior) • Mac OS X • (Leopard o posterior) • Chrome OS • Ubuntu • Debian • Fedora • openSUSE • Android • (v4.0 o posterior) • iOS • (v4.3 o posterior) [5] Licencia • Freeware / Condiciones de servicio de Google Chrome • (Ejecutable de «Google Chrome») [6] • Software libre / Licencia BSD y otras • (Código fuente y ejecutable de «Chromium») Idiomas 50 idiomas En español Google Chrome es un navegador web desarrollado por Google y compilado con base en componentes de código abierto como el motor de renderizado WebKit y su estructura de desarrollo de aplicaciones (framework),[7] disponible gratuitamente bajo condiciones de servicio específicas.[6] Cuenta con más de 310 millones de usuarios,[8] y dependiendo de la fuente de medición global, puede ser considerado el navegador más usado de Internet variando hasta el tercer puesto.[9] Su cuota de mercado se sitúa aproximadamente entre el 17% y 32% para finales de junio de 2012,[10][11][12]
    [Show full text]
  • Study & Analysis of Various Protocols in Popular Web Browsers
    International Journal of Advancements in Research & Technology, Volume 1, Issue3, August-2012 1 ISSN 2278-7763 Study & Analysis of various Protocols in popular Web Browsers Dr. Bharat Mishra, Harish Singh Baghel,Manoj Patil, Pramod Singh Computer Science, M.G.C.G.V Chitrakoot Satna (M.P), Satna, India; Email: [email protected] ABSTRACT The web browsers are the application software that are used to access information from the World Wide Web. With the increas- ing popularity of the web browsers, the modern web browsers are designed to contain more features as compared to the exist- ing web browsers. For the transferring of information through these browsers, various protocols have been implemented on these modern web browsers to make these browsers more efficient. Different protocols used in different layers have different functions and by increasing the efficiency of these protocols we can make the working of browsers more efficient. Keywords : TCP/IP, NetBIOS, UDP, FTP, SNMP. 1 INTRODUCTION From the cellular phone to the desktop, the web browser has Foxy Tunes media player control toolbar, Adblock Plus ad become a ubiquitous piece of software in modern computing blocking utility, Stumble Upon (website discovery), Foxmarks devices. These same browsers have become increasingly com- Bookmark Synchronizer (bookmark synchronizer), WOT: Web plex over the years, not only parsing plaintext and HTML, but of Trust security site advisor, download enhancer, and Web images, videos and other complex protocols and file formats. Developer toolbar. With a market share of 45.5% in 2009 it is Modern complexities have brought along security vulnerabili- the most popular browser.
    [Show full text]