HTML5 has gained a lot of interest the last couple of years from web developers. HTML5 is the new upcoming standard for HTML set to be released in the end of 2014 (W3C). In this report HTML5 is reviewed in order to determine if it has made web applications more secure. This is done with information study and the use of experimental test cases. We use the latest OWASP top ten list of security risks in web applications as a benchmark. As a result we found ve correlations between OWASP top ten list and HTML5 functionality. The results clearly indicates that HTML5 is a ecting web application security. The security risks that was successfully exploited is Cross-site scripting, Security Miscon guration, Sensitive Data Exposure, Cross-site request forgery and Unvalidated redirects and forwards. We suggest countermeasures for the tests performed and discuss how developers should have security in mind when it comes to developing with HTML5.
| Identifer | oai:union.ndltd.org:UPSALLA1/oai:DiVA.org:bth-2074 |
| Date | January 2013 |
| Creators | Nilsson, Daniel, Åberg, Hampus |
| Publisher | Blekinge Tekniska Högskola, Sektionen för datavetenskap och kommunikation, Blekinge Tekniska Högskola, Sektionen för datavetenskap och kommunikation |
| Source Sets | DiVA Archive at Upsalla University |
| Language | English |
| Detected Language | English |
| Type | Student thesis, info:eu-repo/semantics/bachelorThesis, text |
| Format | application/pdf |
| Rights | info:eu-repo/semantics/openAccess |
Page generated in 0.0023 seconds