Browser Security

Core browser security model: Same-Origin Policy, CORS, XSS, CSP, CSRF, clickjacking, SRI, HTTPS/HSTS, cookie attributes, storage security, Trusted Types, and supply-chain attacks.