same origin policy – Page 11

Is it possible to get a flash src after a redirect or an element inside an embed/object/iframe tag (cross-domain)?

Posted on August 28, 2015 by user61429

The URL example.com/auth will automatically redirect the user (HTTP 302) to example.com/signed_in.SWF?token=SENSITIVE.

Is it possible for an attacker to steal the token, using javascript or flash, in the following example? How?

<!DOCT… Continue reading Is it possible to get a flash src after a redirect or an element inside an embed/object/iframe tag (cross-domain)?→

Same Origin Policy – XHR response

Posted on April 24, 2015 by NeverStopLearning

I know that Same Origin Policy (SOP) prevents a page/script from one origin to read response from another origin, but it does not prevents the page/script from making a XMLHttpRequest (XHR) request to a different origin. From Mozilla’s Dev… Continue reading Same Origin Policy – XHR response→

How is the same origin policy causing my PoC to fail when I don’t need to read return data?

Posted on October 17, 2014 by Ryan

I’m performing an authorized vulnerability analysis on a custom web service and have discovered a CSRF vulnerability.

Due to there not being form tokens coupled with the service not checking for the origin header I believed I could forge … Continue reading How is the same origin policy causing my PoC to fail when I don’t need to read return data?→

How are Ajax requests vulnerable to CSRF attacks if the Same-origin policy is applied?

Posted on May 26, 2014 by Songo

What I know about CSRF is that a malicious website tricks a normal user into issuing a request to a trusted website using a form.

I understand that is possible because we can post forms to different domains. However, I see posts of Stacko… Continue reading How are Ajax requests vulnerable to CSRF attacks if the Same-origin policy is applied?→

In which ways could a javascript making a cross domain HEAD request be a threat?

Posted on July 26, 2013 by Ian

I was just reading this answer to the question Why is the same origin policy so important?

Basically, when you try to make an XMLHttpRequest to a different
domain, the browser will do one of two things:

If it’s a GET or POST request whic… Continue reading In which ways could a javascript making a cross domain HEAD request be a threat?→

Why can I read the response to this CSRF attack?

Posted on August 27, 2012 by Jarrod Everett

I have a website www.foo.com:8002 that I have resolve to 127.0.0.1:8002 in my hosts file. I have another (the main site) running at localhost:80

In www.foo.com:8002 the page looks like

<form name=”myform” action=”http://localhost/bar”… Continue reading Why can I read the response to this CSRF attack?→

Why is the same origin policy so important?

Posted on October 19, 2011 by YSY

I can’t really fully understand what same origin domain means. I know it means that when getting a resource from another domain (say a JS file) it will run from the context of the domain that serves it (like Google Analytics code), which m… Continue reading Why is the same origin policy so important?→