Browsers play a role in web application security, but where does their responsibility stop and the developer’s start? In this episode, we are going to discuss a few changes happening in the Chrome browser, that change security by default.
Listen to the Episode:
SameSite Default
Chrome has announced a few changes that we need to watch out for in the near future. We previously talked about the default value for samesite that is coming up fast. I wrote about this here: https://www.jardinesoftware.net/2019/10/28/samesite-by-default-in-2020/
This change could impact any application and as developers we should be aware of security defaults in the browsers.
Mixed Content
Also, they are getting ready to start blocking mixed content downloads:
https://blog.chromium.org/2020/02/protecting-users-from-insecure.html
For more info go to https://www.developsec.com or follow us on twitter (@developsec).
[Read more…] about Ep. 117: How Browsers are Helping with Security