Home » WordCampTV»WordCamp San Francisco 2011

Mike Adams: Developing Secure Widgets: Secure iFrame Communication in a Pre-postMessage World

3 responses on “Mike Adams: Developing Secure Widgets: Secure iFrame Communication in a Pre-postMessage World

  1. mdawaffe
    September 7, 2011 at 10:15 pm | Reply

    Relevant links:

    In development (can you find the bugs?) postMessage library with secure fallback:
    github.com/mdawaffe/xPostMessage

    More details for those looking for inspiration on how to craft real attacks:
    Securing Frame Communication in Browsers:
    A. Barth, C. Jackson, J. C. Mitchell — Stanford Web Security Group
    Proc. of the 17th USENIX Security Symposium. (USENIX Security 2008)
    seclab.stanford.edu/websec/frames/post-message.pdf

    Like

  2. Mark Jaquith
    March 27, 2012 at 4:37 pm | Reply

    So people don’t have to watch the whole talk to recall the punchline: Needham—Schroeder Protocol.

    Like

  3. Daniel Bachhuber
    August 2, 2012 at 9:34 am | Reply

    Reblogged this on danielbachhuber.

    Like

Continue the discussion

Published

August 31, 2011

Event

WordCamp San Francisco 2011 47

Speakers

Mike Adams 2

Tags

Development 392
Plugins 345
widgets 16

Language

English 10496

Download
MP4: Low, Med, High, Original
OGG: Low
Subtitles
Subtitle this video →
Producer
Kimberly Gehl

Creative Commons License
This work is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.