The MSHTML (Trident) Host Security FAQ

I’ve posted a two-part FAQ addressing security considerations for apps that host MSHTML.  Check it out over at the SRD blog! The MSHTML Host Security FAQ: Part I of IIThe MSHTML Host Security FAQ: Part II of II

New webappsec tools

Chris Weber’s Watcher: Watcher plugs into the Fidder HTTP proxy and monitors for all sorts of web app vulns, from the common to the obscure. Gareth Heyes’ XSS Rays: XSS Rays runs in the browser as a bookmarklet and scans for XSS on demand.


IE8 is here! What are you waiting for?  Go get it!


XSS Filter Improvements in IE8 RC1

I’ve just posted detail up on the SVRD Blog about some improvements and bug fixes to the XSS Filter feature in IE8 RC1.


Video Roundup (Martin Johns and more!)

Recently I got Martin Johns connected with Helen Wang’s group in Microsoft Research.  Check out Martin’s excellent talk @MSR, Secure Code Generation for Web Applications. Here are a few other gems I discovered on Techniques and Tools for Engineering Secure Web ApplicationsGary Wassermann, 3/13/2008 Improving Software Security with Precise Static and Runtime AnalysisBenjamin Livshits, 6/26/2006…



Giorgio Maone’s new ABE project looks pretty cool. Exposing the loose and often unnecessary boundaries between web applications shines a different light on some old problems in web application security.  Enforcing greater formalization and limiting the attack surface presented by these boundaries is a great thing. Yeah, yeah, I know, Giorgio doesn’t like us, etc…, whatever.  😉



Björn Engelmann, Joachim Posegga, and LocalRodeo developer Martin Johns have authored an excellent paper on a new Cross-site Scripting detection system called XSSDS.  Stay tuned to for a new browser extension based on this technology.  The XSSDS approach is similar in some ways to the IE8 XSS Filter approach, although it’s worth noting that until recently Martin’s team had…


IE8 Beta 2

If you haven’t already seen, Internet Explorer 8 Beta 2 is out – go get it! Now is a good time to thank everyone who helped make the IE8 XSS Filter a reality.  This project wouldn’t have been possible without your hard work, support, leadership, guidance, brainstorming, pentesting, coding, and testing. THANK YOU: Zhenya and…

IE 8 XSS Filter Architecture / Implementation revealed + some other news

I’ve just posted some detail on the Internet Explorer 8 XSS Filter Architecture / Implementation over on the SWI Blog.  It would be great to get some feedback and answer any questions you may have — just drop me a mail using the Email link to the left. In other news, Gareth Heyes has been spending some time testing the XSS Filter implementation.  Gareth has written…


IE8 XSS Filter design philosophy in-depth

It’s great to see some positive reaction to the potential of our XSS Filter.  Now we just need to deliver! In this blog post I’ll try to shed some light on our design philosophy. To understand how we have arrived at our current filtering approach, it is useful to look back to the XSS Filter’s…