G. Aggarwal, E. Bursztein, C. Jackson, and D. Boneh, An analysis of private browsing modes in modern browsers, Proceedings of the 19th USENIX conference on Security, pp.6-6, 2010.

A. Barth, C. Jackson, and J. Mitchell, Securing frame communication in browsers, Communications of the ACM, vol.52, issue.6, pp.83-91, 2009.
DOI : 10.1145/1516046.1516066

URL : http://citeseerx.ist.psu.edu/viewdoc/summary?doi=

B. Bonné, Improving session security in web applications

A. Bortz, A. Barth, and A. Czeskis, Origin cookies: Session integrity for web applications, 2011.

P. De Ryck, L. Desmet, W. Joosen, and F. Piessens, Automatic and precise client-side protection against CSRF attacks, ESORICS, pp.100-116, 2011.

Delia Online, Cookies used on Delia Online

M. Johns, B. Braun, M. Schrank, and J. Posegga, Reliable protection against session fixation attacks, Proceedings of the 2011 ACM Symposium on Applied Computing, SAC '11, 2011.
DOI : 10.1145/1982185.1982511

E. Kirda, C. Kruegel, G. Vigna, and N. Jovanovic, Noxes, Proceedings of the 2006 ACM symposium on Applied computing, SAC '06, pp.330-337, 2006.
DOI : 10.1145/1141277.1141357

C. Linhart, A. Klein, R. Heled, and S. Orrin, HTTP request smuggling, Computer Security Journal, vol.22, issue.1, p.13, 2006.

J. Mayer and A. Narayanan, Do not track - universal web tracking opt out, 2011.

N. Nikiforakis, W. Meert, Y. Younan, M. Johns, and W. Joosen, SessionShield: Lightweight Protection against Session Hijacking, Proceedings of the 3rd International Symposium on Engineering Secure Software and Systems (ESSoS), 2011.
DOI : 10.1007/978-3-642-19125-1_7

URL : http://citeseerx.ist.psu.edu/viewdoc/summary?doi=

J. Samuel, RequestPolicy 0.5.20, 2011.
DOI : 10.1007/978-3-642-03168-7_8

M. Schrank, B. Braun, M. Johns, and J. Posegga, Session Fixation - the Forgotten Vulnerability, Proceedings of the 5th conference on "Sicherheit, Schutz und Zuverlässigkeit", 2010.

S. Tang, N. Dautenhahn, and S. T. King, Fortifying web-based applications automatically, Proceedings of the 18th ACM conference on Computer and communications security, CCS '11, 2011.
DOI : 10.1145/2046707.2046777

M. T. Louw, K. T. Ganesh, and V. N. Venkatakrishnan, AdJail: Practical enforcement of confidentiality and integrity policies on web advertisements, 19th USENIX Security Symposium, 2010.

J. Williams and D. Wichers, OWASP Top 10, OWASP Foundation, 2010.

Y. Zhou and D. Evans, Why Aren't HTTP-only Cookies More Widely Deployed?, Proceedings of 4th Web 2.0 Security and Privacy Workshop (W2SP '10), 2010.