[WEB SECURITY] Cross domain access using JavaScript document.referrer
Kanatoko
anvil at jumperz.net
Thu Dec 21 17:13:51 EST 2006
Amit wrote:
> You're right in stating that this is a "cross domain access
> technique", but I wouldn't say that this is a cross domain vulnerability.
Yes, this is not a vulnerability.
Two domains need to cooperate each other, like Flash, JSONP,
IFrameProxy(using fragmentIdentifier).
I'm sorry if this is a off-topic to this list.
--
Kanatoko<anvil at jumperz.net>
Open Source WebAppFirewall
http://guardian.jumperz.net/
----------------------------------------------------------------------------
The Web Security Mailing List:
http://www.webappsec.org/lists/websecurity/
The Web Security Mailing List Archives:
http://www.webappsec.org/lists/websecurity/archive/
http://www.webappsec.org/rss/websecurity.rss [RSS Feed]
More information about the websecurity
mailing list