[WEB SECURITY] Cross-Site History Manipulation (XSHM)

Michal Zalewski lcamtuf at coredump.cx
Mon Feb 1 13:05:26 EST 2010


>  if (top !== self) top.location.replace(self.location.href);

Unsafe:

http://code.google.com/p/browsersec/wiki/Part2#Arbitrary_page_mashups_%28UI_redressing%29

See the "var location..." snippet.

/mz
