More details for those looking for inspiration on how to craft real attacks: Securing Frame Communication in Browsers:
A. Barth, C. Jackson, J. C. Mitchell — Stanford Web Security Group
Proc. of the 17th USENIX Security Symposium. (USENIX Security 2008) seclab.stanford.edu/websec/frames/post-message.pdf
September 7, 2011 at 10:15 pm |
Relevant links:
In development (can you find the bugs?) postMessage library with secure fallback:
github.com/mdawaffe/xPostMessage
More details for those looking for inspiration on how to craft real attacks:
Securing Frame Communication in Browsers:
A. Barth, C. Jackson, J. C. Mitchell — Stanford Web Security Group
Proc. of the 17th USENIX Security Symposium. (USENIX Security 2008)
seclab.stanford.edu/websec/frames/post-message.pdf
LikeLike
March 27, 2012 at 4:37 pm |
So people don’t have to watch the whole talk to recall the punchline: Needham—Schroeder Protocol.
LikeLike
August 2, 2012 at 9:34 am |
Reblogged this on danielbachhuber.
LikeLike