Stories
Slash Boxes
Comments
NOTE: use Perl; is on undef hiatus. You can read content, but you can't post it. More info will be forthcoming forthcomingly.

All the Perl that's Practical to Extract and Report

The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
 Full
 Abbreviated
 Hidden
More | Login | Reply
Loading... please wait.
  • I vaguely recall a similar technique described on http://www.ajaxian.com/ [ajaxian.com] some weeks ago. You might search their archive.

    Also, your demo page shows different subdomains of the same domain; IIRC, some browser(s) only restrict access to the first level above the TLD ? Have you verified between, say, yahoo.com and google.com ?

    • Do you mean the postMessage() [ajaxian.com] article? That's similar, but it is only implemented in opera as far as I know.

      xssinterface works across different top-level and second level-domains because it asks a url from the destination domain to set the cookie.