{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2024,9,5]],"date-time":"2024-09-05T13:59:12Z","timestamp":1725544752090},"publisher-location":"Berlin, Heidelberg","reference-count":23,"publisher":"Springer Berlin Heidelberg","isbn-type":[{"type":"print","value":"9783642117466"},{"type":"electronic","value":"9783642117473"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2010]]},"DOI":"10.1007\/978-3-642-11747-3_2","type":"book-chapter","created":{"date-parts":[[2010,1,24]],"date-time":"2010-01-24T20:03:02Z","timestamp":1264363382000},"page":"18-34","source":"Crossref","is-referenced-by-count":27,"title":["CsFire: Transparent Client-Side Mitigation of Malicious Cross-Domain Requests"],"prefix":"10.1007","author":[{"given":"Philippe","family":"De Ryck","sequence":"first","affiliation":[]},{"given":"Lieven","family":"Desmet","sequence":"additional","affiliation":[]},{"given":"Thomas","family":"Heyman","sequence":"additional","affiliation":[]},{"given":"Frank","family":"Piessens","sequence":"additional","affiliation":[]},{"given":"Wouter","family":"Joosen","sequence":"additional","affiliation":[]}],"member":"297","reference":[{"key":"2_CR1","unstructured":"Adobe. Adobe Flash Player 9 security (July 2008)"},{"key":"2_CR2","doi-asserted-by":"crossref","unstructured":"Barth, A., Jackson, C., Mitchell, J.C.: Robust defenses for Cross-Site Request Forgery. In: Proceedings of the 15th ACM Conference on Computer and Communications Security (CCS 2008), pp. 75\u201388 (2008)","DOI":"10.1145\/1455770.1455782"},{"key":"2_CR3","unstructured":"Crocker, D., Overell, P.: Augmented BNF for syntax specifications: ABNF (2008), http:\/\/tools.ietf.org\/html\/rfc5234"},{"key":"2_CR4","unstructured":"Esposito, D.: Take advantage of ASP.NET built-in features to fend off web attacks (January 2005), http:\/\/msdn.microsoft.com\/en-us\/library\/ms972969.aspx"},{"key":"2_CR5","unstructured":"Fielding, R., Gettys, J., Mogul, J., Frystyk, H., Masinter, L., Leach, P., Berners-Lee, T.: Hypertext Transfer Protocol \u2013 HTTP\/1.1, rfc2616 (1999), http:\/\/tools.ietf.org\/html\/rfc2616"},{"key":"2_CR6","volume-title":"Design Patterns","author":"E. Gamma","year":"1995","unstructured":"Gamma, E., Helm, R., Johnson, R., Vlissides, J.: Design Patterns. Addison-Wesley, Reading (1995)"},{"key":"2_CR7","unstructured":"Chromium Developer Documentation, http:\/\/dev.chromium.org\/developers\/design-documents\/process-models"},{"key":"2_CR8","doi-asserted-by":"crossref","unstructured":"Jim, T., Swamy, N., Hicks, M.: Defeating script injection attacks with browser-enforced embedded policies. In: WWW 2007: Proceedings of the 16th international conference on World Wide Web (2007)","DOI":"10.1145\/1242572.1242654"},{"key":"2_CR9","unstructured":"Johns, M., Winter, J.: RequestRodeo: Client side protection against session riding. In: Proceedings of the OWASP Europe 2006 Conference (2006)"},{"key":"2_CR10","doi-asserted-by":"crossref","unstructured":"Jovanovic, N., Kirda, E., Kruegel, C.: Preventing Cross Site Request Forgery attacks. In: IEEE International Conference on Security and Privacy in Communication Networks (SecureComm), Baltimore, MD, USA (August 2006)","DOI":"10.1109\/SECCOMW.2006.359531"},{"key":"2_CR11","unstructured":"Klein, A.: Forging HTTP request headers with Flash (July 2006), http:\/\/www.securityfocus.com\/archive\/1\/441014"},{"key":"2_CR12","unstructured":"Linhart, C., Klein, A., Heled, R., Orrin, S.: HTTP request smuggling. Technical report, Watchfire (2005)"},{"key":"2_CR13","doi-asserted-by":"crossref","unstructured":"Maes, W., Heyman, T., Desmet, L., Joosen, W.: Browser protection against Cross-Site Request Forgery. In: Workshop on Secure Execution of Untrusted Code (SecuCode), Chicago, IL, USA (November 2009)","DOI":"10.1145\/1655077.1655081"},{"key":"2_CR14","series-title":"Lecture Notes in Computer Science","volume-title":"Defeating Cross-Site Request Forgery Attacks with Browser-Enforced Authenticity Protection","author":"Z. Mao","year":"2001","unstructured":"Mao, Z., Li, N., Molloy, I.: Defeating Cross-Site Request Forgery Attacks with Browser-Enforced Authenticity Protection. LNCS. Springer, Heidelberg (2001)"},{"key":"2_CR15","unstructured":"OWASP. The ten most critical web application security vulnerabilities"},{"key":"2_CR16","unstructured":"OWASP. CSRF Guard (October 2008), http:\/\/www.owasp.org\/index.php\/CSRF_Guard"},{"key":"2_CR17","unstructured":"Raghvendra, V.: Session tracking on the web. Internetworking\u00a03(1) (2000)"},{"key":"2_CR18","unstructured":"Samuel, J.: Request Policy 0.5.8, http:\/\/www.requestpolicy.com"},{"key":"2_CR19","unstructured":"van Kesteren, A.: Cross-origin resource sharing (March 2009), http:\/\/www.w3.org\/TR\/2009\/WD-cors-20090317\/"},{"key":"2_CR20","unstructured":"Wang, H.J., Grier, C., Moshchuk, A., King, S.T., Choudhury, P., Venter, H.: The Multi-Principal OS Construction of the Gazelle Web Browser. Microsoft Research Technical Report, MSR-TR-2009-16 (2009)"},{"key":"2_CR21","unstructured":"XPCOM - MDC (2008), https:\/\/developer.mozilla.org\/en\/XPCOM"},{"key":"2_CR22","unstructured":"Zalewski, M.: Browser Security Handbook (2008), http:\/\/code.google.com\/p\/browsersec\/wiki\/Main"},{"key":"2_CR23","unstructured":"Zeller, W., Felten, E.W.: Cross-Site Request Forgeries: Exploitation and prevention. Technical report (October 2008), http:\/\/www.freedom-to-tinker.com\/sites\/default\/files\/csrf.pdf"}],"container-title":["Lecture Notes in Computer Science","Engineering Secure Software and Systems"],"original-title":[],"link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-642-11747-3_2","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2019,5,25]],"date-time":"2019-05-25T05:32:45Z","timestamp":1558762365000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-642-11747-3_2"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2010]]},"ISBN":["9783642117466","9783642117473"],"references-count":23,"URL":"https:\/\/doi.org\/10.1007\/978-3-642-11747-3_2","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2010]]}}}