What is Browser Standards and Security

Introduction

When designing a website, it is important to consider how users will see it. There are many browsers available that a user can use to view your website. It is important to consider standards between browsers. There are so many browsers available on the market that the website you create could and probably will look different in each browser. Some browsers handle certain scripting languages ​​better than others, e.g. Mozilla Firefox handles animated gifts as rollovers on buttons without problems, while Internet Explorer 5 does not handle them and displays them correctly or may not display them at all. In Part 2 of this report, we'll cover cross-browser standards, available browsers, and how browsers handle HTML in different ways. This section will also show usage among the most popular browsers and display the statistics as a pie chart, with each block representing a different browser. In Part 3 of this report, we'll discuss both client-side and server-side security risks and list the top ten vulnerabilities that a website must overcome to stay protected. This section also displays security risk statistics in a bar chart. Section 4 discusses how the information contained in this report will be used in the main project.

Section 5 concludes all the information that was gathered to create this report and how it can be used to create a more compliant and secure website.

Browsers

Since the Internet was created to unite the world into one interconnected community, the use of so many different browsers that view web pages in different ways makes it difficult for web designers to create a website and can prevent users from viewing a web page. anyway. When designing a website, the designer must test his site in different browsers to check the result of the site. With so many browsers available, it's important to consider which browsers Wordpress Malware Removal Service to test and how many previous browser versions to consider in your designs.

As technology has advanced, the situation has improved to what it was a few years ago, but the problem has not been completely solved. Now you can be sure that at least 99% of users have browsers that support almost all of HTML 4. However, there are still inconsistencies in how cascading styles are implemented, and older versions of browsers older than current standards last a long time. go out completely. The website designer now has to consider the mobile user as well; phones, PDAs, and other handheld media devices that have Internet access. The browser these devices use will be a variant of the standard browser, but the user will be viewing the pages on a much smaller screen. A mobile browser, also called a microbrowser, minibrowser or wireless internet browser (WIB), is optimized to display web content as efficiently as possible for small screens on portable devices. Mobile browser software must also be small and efficient to accommodate the low memory capacity and low bandwidth of wireless handheld devices. These were usually abandoned web browsers, but since 2006 some mobile browsers have been able to handle the latest technologies such as CSS 2.1, JavaScript and Ajax. Jennifer Niederst Robbins (2006) says;

"1996 to 1999: The Browser War Begins.

For years, the web development world has watched Netscape and Microsoft battle it out for dominance in the browser market. The result was a collection of proprietary HTML tags and incompatible implementations of new technologies such as JavaScript, cascading styles, and dynamic HTML. On the plus side, competition between Netscape and Microsoft also led to rapid development of the medium as a whole.”

The World Wide Web Consortium sets the basic rules for HTML document translation and the official HTML standards.

HTML standards say that the Table tag should support the Cellspacing attribute to define the spacing between table sections. HTML standards do not define a default value for this attribute, so if you do not explicitly define Cellspacing when you create the page, two browsers may use different amounts of whitespace in the table. HTML standards are usually ahead of what browsers support. Over the past few years, Internet Explorer has done a much better job of this than Netscape Navigator, although Opera has probably done the best job.

If you create a web page and the user's browser doesn't understand part of the language, it will ignore that part and continue building the rest of the page. This causes some browsers to not display the page as designed.

The best way to minimize these problems is to pay attention to browser compatibility when creating a website. Avoid using HTML extensions and be careful when using high-end language features that may not yet be supported by all major browsers.

The main difference between the two versions of the same browser is their support for newer parts of HTML. The new browser is generally better at displaying web pages than the old one.

Web application security

When creating any web application such as an e-commerce website, security must always be on the mind of the designers. A flaw in the application's design could make it easy for a hacker to gain access to a web server through cross-site scripting on the web. A web server is a frequent target for hackers because it is a very powerful machine with a lot of bandwidth and also allows access by anonymous users. The web was not designed to be secure, nor was it designed to run applications or businesses selling over the net. It was designed to be static and for users to collect information. As web applications become more powerful in what they can do, so do the security risks for a potential attacker. Because code is linked to data, such as Javascript embedded in HTML, hackers use malicious code that is mistaken for part of the website's code, which then gives the hacker more privileges than they should be allowed, allowing them to change securely protected data. .

Exploiting unexpected or unplanned bugs in a web application to gain unauthorized access is a known security flaw. Three elements are required for a security breach to occur; an asset, a vulnerability and a hacker, if all three things exist in a web application, there will be a risk of a security flaw.

There are ten top security flaws:

1. Cross Site Scripting (XSS)

2. Injection defects

3. Running a malicious file

4. An insecure direct reference to an object

5. Cross Site Request Forgery (CSRF)

6. Leakage of information and incorrect handling of errors

7. Interrupted Authentication and Session Management

8. Unsecured cryptographic storage

9. Unsecured Communication

10. Failure to restrict URL access