Skip to main content.

Platinum Sponsors

Gold Sponsors

Silver Sponsors

Bronze Sponsors

Wi-Fi Hardware Sponsor

Banquet Sponsor

Conference Bag and T-Shirts Sponsor

Conference Flash Disk Sponsor

Conference Welcome Reception Sponsor

Conference VIP Dinner Sponsor

Organizers

Beihang University

Host of the Conference Series

International World Wide Web Conferences Steering Committee

In Cooperation With

ACM SIGWEB
ACM SIGecom

China Computer Federation

International Federation for Information Processing

World Wide Web Consortium

Sponsors are Listed In Alphabetic Order

Refereed Papers

Track: Security II: Web Client Security

Paper Title:
ForceHTTPS: Protecting High-Security Web Sites from Network Attacks

Authors:

Collin Jackson(Stanford University)
Adam Barth(Stanford University)

Abstract:
As wireless networks proliferate, web browsers operate in an increasingly hostile network environment. The HTTPS protocol has the potential to protect web users from network attackers, but real-world deployments must cope with misconfigured servers, causing imperfect web sites and users to compromise browsing sessions inadvertently. ForceHTTPS is a simple browser security mechanism that web sites or users can use to opt in to stricter error processing, improving the security of HTTPS by preventing network attacks that leverage the browser's lax error processing. By augmenting the browser with a database of custom URL rewrite rules, ForceHTTPS allows sophisticated users to transparently retrofit security onto some insecure sites that support HTTPS. We provide a prototype implementation of ForceHTTPS as a Firefox browser extension.

PDF version

Inquiries can be sent to: Email contact: program-chairs at www2008.org

**Sponsors are Listed In Alphabetic Order**

Refereed Papers

Sponsors are Listed In Alphabetic Order