Frederik Braun

Hi,

my name is Frederik Braun and I currently work as a Senior Security Engineer at Mozilla. This blog's content is heavily influenced by my work in security, but it is a personal blog and opinions do not reflect anyone else's than mine.

If you are using a CDN to serve your website's JavaScript files, you might want to look into Subresource Integrity, which I have been working on since 2014.

In the fall of 2013 I have co-authored a whitepaper about the benefits of the X-Frame-Options security header with Mario Heiderich. It actually mostly showcases some nifty tricks and attacks that you can carry out when a website can be framed.

I once wrote a thesis about the Same Origin Policy and its state in the API-rich HTML5 browsers in Summer 2012, which concluded my studies of IT-Security at the Ruhr-University in Bochum. This is also where I co-founded the CTF team fluxfingers.

If you still want to know more, I suggest you read some of my blog posts. You may also contact me.