This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

OWASP Browser Security Project

From OWASP

Jump to: navigation, search

Main =

The purpose of this project is to provide insight into security features built into the web browser.

Currently information is available for Mozilla Firefox

Project About

PROJECT INFO
What does this OWASP project offer you?

RELEASE(S) INFO
What releases are available for this project?

what	is this project?
Name: OWASP Browser Security Project (home page)
Purpose: N/A
License: N/A
who	is working on this project?
Project Leader(s): N/A
how	can you learn more?
Project Pamphlet: Not Yet Created
Project Presentation:
Mailing list: Mailing List Archives
Project Roadmap: Not Yet Created
Key Contacts
Contact the GPC to contribute to this project Contact the GPC to review or sponsor this project

current release
Not Yet Published
last reviewed release
Not Yet Reviewed

other releases

Below is a list of some of the security features within Firefox and links to additional information:

Content Security Policy (CSP)

Introducing CSP

CSP Specification

Design Considerations

How To Deploy CSP

Strict Transport Security (STS)

http://blog.mozilla.com/security/2010/08/27/http-strict-transport-security/

http://tools.ietf.org/html/draft-hodges-strict-transport-sec-02

X-Frame-Options

http://blog.mozilla.com/security/2010/09/08/x-frame-options/

https://developer.mozilla.org/en/The_X-FRAME-OPTIONS_response_header

Security Bug Bounty Program

http://blog.mozilla.com/security/2010/07/15/refresh-of-the-mozilla-security-bug-bounty-program/

http://www.mozilla.org/security/bug-bounty.html

Report a Firefox Security Bug

https://bugzilla.mozilla.org/

Please file a bug describing the security bug; be sure to check the box near the bottom of the entry form that marks this bug report as confidential. We encourage you to attach a "proof of concept" testcase or link to the bug report that demonstrates the vulnerability. While not required, such a testcase will help us judge submissions more quickly and accurately.

Notify the Mozilla Security Group by email and include the number of the bug you filed and a brief summary. If you cannot file a bug include the full details in the email and attach any proof of concept testcases or links. Mozilla Foundation staff and the Mozilla Security Group will consider your submission for the Security Bug Bounty and will contact you.

https://developer.mozilla.org/en/Download_Mozilla_Source_Code

The current version of Firefox can be downloaded here

Retrieved from "https://wiki.owasp.org/index.php?title=OWASP_Browser_Security_Project&oldid=166540"

Categories:

OWASP Browser Security Project

Main =

Project About

Mozilla Firefox

Content Security Policy (CSP)

Strict Transport Security (STS)

X-Frame-Options

Security Bug Bounty Program

Report a Firefox Security Bug

Navigation menu

Personal tools

Namespaces

Variants

Views

More

Search

Navigation

Reference

Tools