[WEB SECURITY] Cross domain access using JavaScript document.referrer

Kanatoko anvil at jumperz.net
Thu Dec 21 17:13:51 EST 2006

Amit wrote:
> You're right in stating that this is a "cross domain access 
> technique", but I wouldn't say that this is a cross domain vulnerability.

Yes, this is not a vulnerability.

Two domains need to cooperate each other, like Flash, JSONP,
IFrameProxy(using fragmentIdentifier).

I'm sorry if this is a off-topic to this list.

Kanatoko<anvil at jumperz.net>
Open Source WebAppFirewall

The Web Security Mailing List: 

The Web Security Mailing List Archives: 
http://www.webappsec.org/rss/websecurity.rss [RSS Feed]

More information about the websecurity mailing list