Stories
Slash Boxes
Comments

NOTE: use Perl; is on undef hiatus. You can read content, but you can't post it. More info will be forthcoming forthcomingly.

use Perl

All the Perl that's Practical to Extract and Report

Cross domain javascript callbacks More | Login | Reply

The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.

Without JavaScript enabled, you might want to use the classic discussion system instead. If you login, you can remember this preference.

Do you read Ajaxian ? (Score:1)

by renodino (6856)

I vaguely recall a similar technique described on http://www.ajaxian.com/ [ajaxian.com] some weeks ago. You might search their archive.
Also, your demo page shows different subdomains of the same domain; IIRC, some browser(s) only restrict access to the first level above the TLD ? Have you verified between, say, yahoo.com and google.com ?
- Re: (Score:2)
  
  by malte (1708)
  
  Do you mean the postMessage() [ajaxian.com] article? That's similar, but it is only implemented in opera as far as I know.
  
  xssinterface works across different top-level and second level-domains because it asks a url from the destination domain to set the cookie.

Get More Comments

Stories, comments, journals, and other submissions on use Perl; are Copyright 1998-2006, their respective owners.