large-scale analysis

OAuth 2.0 Redirect URI Validation Falls Short Literally

Tommaso Innocenti, Matteo Golinelli, Kaan Onarlioglu, Ali Mirheidari, Bruno Crispo, Engin Kirda

The Nonce-nce of Web Security: An Investigation of CSP Nonces Reuse

Content Security Policy (CSP) is an effective security mechanism that prevents the exploitation of Cross-Site Scripting (XSS) …

Matteo Golinelli, Francesco Bonomi, Bruno Crispo