javascript - iFrame Security Risks from Embedding by Hacker -

-

within app (http://www.example.com) running iframe (https://www.example.com/iframe-application).

the main page (www.example.com) renders custom data based on cookies set iframe. iframe has smarts, javascript, secure cookies, etc. iframe has no text, images, etc. javascript code.

is there risk embed iframe in site , access secure cookies, login tokens, etc?

by default cookies bound domain name, in normal case should not possible.

if got xss vuln. on site, access cookies, rather sure escape inputstrings.


Comments

Post a Comment

Popular posts from this blog

css - Which browser returns the correct result for getBoundingClientRect of an SVG element? -

-
this svg contains rect overflows svg element: <svg id='svg' width='10' height='10'> <rect x='-10' y='-10' width='30' height='30'/> </svg> chrome 28 , opera 12 return getboundingclientrect() svg element width , height of 10. firefox 23 reports width , height of 30. correct? jsfiddle the relevant spec cssom , delegates svg spec if svg element not "have associated css layout box". haven't found definition of "having associated css layout box", correct result seem hinge on definition, getbbox returns 30x30 rect in browsers. this firefox bug fixed now, fix in firefox nightlies , should make through firefox 33 released on 14 october 2014. see bug 530985 details.
Read more

gcc - Calling fftR4() in c from assembly -

-
i trying asm fft implementation www.embeddedsignals.com work. running make gives error: undefined reference fftr4(short*, short*, int) at top of asm have .syntax unified .thumb .global fftr4 .type fftr4, %function and there #define's associate c functions arguments registers followed macros fftr4 function uses. after that, fftr4 called .thumb_func fftr4: stmfd sp!, {r4-r11, lr} mov tmp0, #0 // bit reversed counter mov tmp1, #0 .word 0xf3a2fa92 //rbit r3,r2 //rbit r,n lsl r,#3 and c code follows: void fftr4(short *y, short *x, int n); short x[512]; short y[512]; int i; void loop() { (i=0;i<512;i++) x[i]=0; (i=0;i<512;i=i+8) { x[i+0]=16384; x[i+2]=16384; x[i+4]=-16384; x[i+6]=-16384;} fftr4(y, x, 256); serialusb.println(y[128]); serialusb.println(y[129]); serialusb.println(y[384]); serialusb.println(y[385]); // expected results: //y[128]is 8191; y[129] -8190 y[
Read more

Function that returns a formatted array in VBA -

-
i have function prints excel data text file in array format following: [ ['id', 'label', 'longitude', 'latitude', 'country', 'region', 'ttl_wt_flw_thru', 'sum-of-bol-wt', 'count of wdr_ref', 'ratio'], ['aeauh', 'abu dhabi, united arab emirates', 54.3666667, 24.4666667, 'ae', 'eame', 66, 30, 8432, 281.066666666667], ['aedxb', 'dubai, united arab emirates', 55.307485, 25.271139, 'ae', 'eame', 682, 3, 8369, 2789.66666666667] ] my code writing array is: function fillsourcearray() dim long, j long, s string dim lastrow double dim s1 string 'opens file filepath = filepath & "dataarray" & ".txt" open filepath output #1 'read source data dataarray = sheets("nodes").cells(1).currentregion.value 'determine lastrow lastrow = sheets("nodes").range
Read more