OWASP Browser Security ACID Tests Project
Browser Security Acid Tests
Welcome to the Browser Security Acid Tests. OWASP has adopted this project with the goal to create an in-depth suite of test cases for identifying security issues in web browsers. By highlighting such issues, we can help browser vendors adopt appropriate security controls and implement new security features in a more consistent manner. We can also help raise public awareness about various security issues while providing objective data on the current status of browser security.
The project is under active development. Please take a look at TBD for ways you can contribute.
Web browsers are *very* complicated pieces of software. The landscape of functionality provided by modern browsers is pocketed with security concerns, both large and small. This project was started in order to help people get a better understanding of what these issues are while also providing browser vendors a forum to compare strategies, vulnerabilities, and new features.
In order to get a feel for the security landscape of modern browsers, it's essential to be able to create have a wide range of test cases covering both high and low level security issues. In order to keep things as objective (and simple) as possible, we've opted to focus on automation as much as possible. To run these automated tests, a powerful and generic framework is needed that can run in as many browsers as possible. Fortunately, OWASP has adopted the Web Browser Testing System Project, a testing harness originally developed and contributed by Isaac Dawson.
This project is under active development. We are currently working to establish the scope of the project, adopt a sensible testing framework, and gather support from interested browser vendors.
You can help by...
Proposal to Browser Vendors
Build test cases...
| PROJECT INFO
What does this OWASP project offer you?
| RELEASE(S) INFO|
What releases are available for this project?