The Browser Security Handbook is a free online book covering information related to web browsers like: IE6, IE7, FF2, FF3, Opera, Chrome, Safari and Android. The book covers material from url schemas, http protocol, DOM, up to same-origin policy.

Being a comprehensive document about browsers it’s a book that I would recommend security testers, as well to website developers. I wouldn’t be amazed if it where a reference lecture upon browsers in the years to follow.

If you are here you might as well check other published material from Michal Zalewski: “I don’t think I really love you” (first Zalewski material I ever read), Absence of fd-based unlink(), “Delivering signals for Fun and Profit”, Rise of the Robots, Juggling with packets, IP Fragmentation and “Strike that out, SAM”.