Unrestricted information flows are a key security weakness of current web design. Cross-site scripting, cross-site request forgery, and other attacks typically require that information be sent to or retrieved from arbitrary, often malicious, web servers. In this paper we propose Same Origin Mutual Approval (SOMA), a new policy for controlling information flows that prevents several common web vulnerabilities. By requiring site operators to specify approved external domains for sending or receiving information, and by requiring those external domains to also approve the interaction, we prevent page content from being retrieved from malicious servers and sensitive information from being communicated to an attacker. SOMA is compatible with current web applications and is incrementally deployable, providing immediate benefits to the clients and servers that implement it. SOMA has an overhead of one additional HTTP request per domain accessed and can be implemented with minimal effort by application and web browser developers. To evaluate our proposal, we have developed a Firefox SOMA add-on. Copyright 2008 ACM.

Keywords Cross-site request forgery (XSRF), Cross-site scripting (XSS), JavaScript, Same origin policy, Web security
Persistent URL dx.doi.org/10.1145/1455770.1455783
Conference 15th ACM conference on Computer and Communications Security, CCS'08
Oda, T. (Terri), Wurster, G. (Glenn), Van Oorschot, P., & Somayaji, A. (2008). SOMA: Mutual approval for included content in web pages. Presented at the 15th ACM conference on Computer and Communications Security, CCS'08. doi:10.1145/1455770.1455783