W3C home > Mailing lists > Public > public-webappsec@w3.org > July 2015

Suggestion for code exposure security

From: Ahmed Saleh <ahmedzs@live.ca>
Date: Mon, 27 Jul 2015 20:53:14 -0400
Message-ID: <BLU179-W744429C0D23C5E007CF937AC8D0@phx.gbl>
To: "public-webappsec@w3.org" <public-webappsec@w3.org>
Hi Sir/Madam,Due to the public exposed nature of JavaScript and HTML code to browsers and clients, itís not protected from people who can steal or manipulate the responded code from servers. Therefore, I have suggestion solve this situation. We can make all known browsers to have a specific signature (Hash) and a website would only work for a list of given signatures which represent all known browsers.So on my website I can check for the current browser thatís trying to connect with me as a server and decide if itís valid based on its signature and continue the connection if the signature is found in my data list(of browsers[name&version]-signature/hash key-value pairs) or not if invalid and the signature is not found in my list of signature of all known browsers and terminate the connection.           The browsers on the other hand, could respond to meta tags on my website such as <meta immutable> which prevents websites from being mutated by plugins, and <meta protected> which protects source code from view.Thank you, 		 	   		   		 	   		  
Received on Wednesday, 29 July 2015 22:28:19 UTC

This archive was generated by hypermail 2.3.1 : Monday, 23 October 2017 14:54:13 UTC