web security

[dlrandy]

https://resources.infosecinstitute.com/bypassing-same-origin-policy-sop-part-2/#article https://resources.infosecinstitute.com/bypassing-same-origin-policy-sop/#gref

[dlrandy]

https://www.securityninja.io/understanding-cross-origin-resource-sharing-cors/

[dlrandy]

https://crypto.stanford.edu/cs155/lectures/11-workers-sandbox-csp.pdf

[dlrandy]

https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS

[dlrandy]

https://security.stackexchange.com/questions/81186/understanding-sop-in-multiple-tabs https://developer.mozilla.org/en-US/docs/Web/Security/Same-origin_policy https://www.netsparker.com/whitepaper-same-origin-policy/ https://stackoverflow.com/questions/10636611/how-does-access-control-allow-origin-header-work https://www.brokenbrowser.com/uxss-ie-htmlfile/ https://developers.google.com/web/fundamentals/security/csp/