Skip to main content. Start your free trial. The Browser Hacker's Handbook by. Book description Hackers exploit browser vulnerabilities to attack deep within networks The Browser Hacker's Handbook gives a practical understanding of hacking the everyday web browser and using it as a beachhead to launch further attacks deep into corporate networks. The Browser Hacker's Handbook thoroughly covers complex security issues and explores relevant topics such as: Bypassing the Same Origin Policy ARP spoofing, social engineering, and phishing to access browsers DNS tunneling, attacking web applications, and proxying—all from the browser Exploiting the browser and its ecosystem plugins and extensions Cross-origin attacks, including Inter-protocol Communication and Exploitation The Browser Hacker's Handbook is written with a professional security engagement in mind.
Once you've got an idea of the required featureset, and what technologies you will likely build these features with, you should start exploring the target audience — what browsers, devices, etc. The client might already have data about this from previous research they've done, e. If not, you will be able to get a good idea by looking at other sources, such as usage stats for competitors, or countries the site will be serving.
You can also use a bit of intuition. So for example, you might be building an e-commerce site that serves customers in North America. Now you know your target testing platforms, you should go back and review the required featureset and what technologies you are going to use. For example, if the e-commerce site owner wants a WebGL-powered 3D tour of each product built into the product pages, they will need to accept that this just won't work in IE versions before You'd have to agree to provide a version of the site without this feature to users of older IE versions.
Note: You can find browser support information for technologies by looking up the different features on MDN — the site you're on! You should also consult caniuse. Now on to the development of the site. You should split the different parts of the development into modules, for example you might split the different site areas up — home page, product page, shopping cart, payment workflow, etc. You might then further subdivide these — implement common site header and footer, implement product page detail view, implement persistent shopping cart widget, etc.
Normally your development will involve a combination of the above three approaches. The most important thing is that you test each small part before committing it — don't leave all the testing till the end! After each implementation phase, you will need to test the new functionality.
To start with, you should make sure there are no general issues with your code that are stopping your feature from working:. Next, you should try expanding your list of test browsers to a full list of target audience browsers and start concentrating on weeding out cross browser issues see the next article for more information on determining your target browsers.
For example:. The most lo-fi option is to just do all the testing you can by yourself pulling in team mates to help out if you are working in a team.
You should try to test it on real physical devices where possible. This is a very popular choice, especially in some circumstances — for example, Windows doesn't let you have multiple versions of Windows installed simultaneously on the same machine, so using multiple virtual machines is often the only option here. Another option is user groups — using a group of people outside your development team to test your site. This could be a group of friends or family, a group of other employees, a class at a local university, or a professional user testing setup, where people are paid to test out your site and provide results.
Finally, you can get smarter with your testing using auditing or automation tools; this is a sensible choice as your projects get bigger, as doing all this testing by hand can start to take a really long time. Release date is November 28, Skip to content. Summary: Focused information on a single issue.
Very useful. The email you entered is already receiving Daily Bits Emails! Follow BitsDuJour. Security Utilities Video. Buy Now I Want This. Platforms: All. Screenshots Website Virus Scan. The Conversation. Learn how to create modern and cross-compatible websites Discover the basics of cross-browser compatibility Explore HTML 5, CSS 3, and the complexities of JavaScript Read up on cross-browser testing solutions Get the facts on testing for mobile devices and tablets You can download and install a free trial of this software before purchasing Download available for: All Buy with BitsDuJour's promotional coupon code and get all this at a discounted price!
Transfer of a license to another owned computer is allowed. License activation isn't required. This promotion cannot be used to upgrade or extend an existing license. Support is not provided. No return policy.
0コメント