Availability Attacks

The Same-origin policy (SOP)

“a web browser permits scripts contained in a first web page to access data in a second web page, but only if both web pages have the same origin. An origin is defined as a combination of URI scheme, host name, and port number. This policy prevents a malicious script on one page from obtaining access to sensitive data on another web page through that page’s Document Object Model.”
(From the Wikipedia article on Same-origin Policy)
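The origin comparison in the definition quoted above, written out as an added example (not part of the original page). The names `originTuple`, `sameOrigin` and `DEFAULT_PORTS` are hypothetical, the URLs are constructed samples, and only schemes with a (scheme, host, port) origin are handled; everything else is treated as an opaque origin that matches nothing.

```javascript
// Added example: an origin is the tuple (scheme, host, port).
// Helper names and sample URLs are constructed for illustration.
const DEFAULT_PORTS = { 'http:': '80', 'https:': '443', 'ws:': '80', 'wss:': '443', 'ftp:': '21' };

// Return { scheme, host, port } for a URL, or null when it does not parse
// or its scheme has no tuple origin here (data:, file:, custom schemes).
function originTuple(urlString) {
  let u;
  try {
    u = new URL(urlString);
  } catch {
    return null;
  }
  if (!(u.protocol in DEFAULT_PORTS)) return null;
  // The URL parser lowercases the host and drops a default port,
  // so an empty port means "the default for this scheme".
  const port = u.port || DEFAULT_PORTS[u.protocol];
  return { scheme: u.protocol.slice(0, -1), host: u.hostname, port };
}

// Two URLs are same-origin only if all three components match.
function sameOrigin(a, b) {
  const x = originTuple(a);
  const y = originTuple(b);
  if (x === null || y === null) return false; // opaque origins never match
  return x.scheme === y.scheme && x.host === y.host && x.port === y.port;
}

// Constructed comparisons against one base page.
const base = 'https://shop.example.com/cart';
const samples = [
  'https://shop.example.com:443/account', // same: explicit default port
  'HTTPS://Shop.Example.COM/',            // same: case is normalised
  'http://shop.example.com/cart',         // different scheme
  'https://api.example.com/cart',         // different host
  'https://shop.example.com:8443/cart',   // different port
  'data:text/html,<p>hi</p>',             // opaque origin
];
for (const s of samples) {
  console.log(sameOrigin(base, s) ? 'same-origin ' : 'cross-origin', s);
}
```
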

CORS (Cross-Origin Resource Sharing)

aaaa this is a really big flowchart, sorry

Cross-site scripting (XSS) attacks

Site design: Error handling