Main navigation | Main content
Main reading for February 24th:
Mario Heiderich, Jörg Schwenk, Tilman Frosch, Jonas Magazinius,
and Edward Z. Yang. “mXSS attacks: attacking well-secured
web-applications by using innerHTML mutations.” In ACM
Conference on Computer and Communications Security, pages
777–788, Berlin, Germany, November 2013.
[ACM]
Main reading for February 26th:
Willem De Groef, Dominique Devriese, Nick Nikiforakis, and Frank
Piessens. “FlowFox: a web browser with flexible and precise
information flow control”. In ACM Conference on Computer and
Communications Security, pages 748–759, Raleigh, NC, USA,
November 2012.
[ACM]
Not selected:
Mike Samuel, Prateek Saxena, and Dawn Song. “Context-sensitive
auto-sanitization in web templating languages using type
qualifiers.” In ACM Conference on Computer and Communications
Security, pages 587–600, Chicago, IL, USA, October 2011.
[ACM]
Mario Heiderich, Marcus Niemietz, Felix Schuster, Thorsten Holz, and
Jörg Schwenk. “Scriptless attacks: stealing the pie
without touching the sill.” In ACM Conference on Computer and
Communications Security, pages 760–771, Raleigh, NC, USA,
November 2012.
[ACM]