Is this treated with the same way that says that Remote File Inclusion is not a security issue?

You don't follow? Implying? I understand why nobody likes Google. If I've found a vulnerability and been treated like that for trying to help, I would rather sell it to the black market or to some government. The NSA maybe is happy to buy a RFI on Google, I'm sure they could make good use of that. Google is very deceptive in security matters.

--- [email protected] wrote:

From: Michal Zalewski <[email protected]>
To: [email protected]
Cc: [email protected], full-disclosure <[email protected]>
Subject: Re: [Full-disclosure] Fwd: Google vulnerabilities with PoC
Date: Sat, 15 Mar 2014 10:59:40 -0700

> A hacker exploits a JSON (javascript) object that has information of interest
> for example holding some values for cookies. A lot of times that exploits the
> same policy origin. The JSON object returned from a server can be forged over
> writing javascript function that create the object. This happens because of
> the same origin policy problem in browsers that cannot say if js execution it
> different for two different sites.

To be honest, I'm not sure I follow, but I'm fairly confident that my original point stands. If you believe that well-formed JSON objects without padding can be read across origins within the browser, I would love to see more information about that. (In this particular case, it still wouldn't matter because the response doesn't contain secrets, but it would certainly break a good chunk of the Internet.)

JSONP is a different animal.

/mz

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
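The distinction drawn in the quoted reply between plain JSON and JSONP, as an added example that is not part of the original thread: it models a cross-origin `<script src>` include, where the response body is parsed as JavaScript statements rather than as JSON. The function names, the `cb` callback name and the sample responses are constructed for illustration.

```javascript
// Added illustration; names and sample bodies are hypothetical/constructed.
// Models what an including page learns when a cross-origin response is
// loaded as a script: the body is parsed as statements, not as JSON.
function includeAsScript(body) {
  const received = []; // data that became visible to the including page
  const callback = (data) => received.push(data);
  try {
    // Parse and run the body with a page-defined callback in scope.
    new Function('cb', body)(callback);
    return { parsed: true, error: null, leaked: received };
  } catch (err) {
    return { parsed: false, error: err.name, leaked: received };
  }
}

// Constructed sample responses (not taken from any real service).
const samples = {
  // Bare JSON object: "{" opens a block statement, so `"user":` is a syntax error.
  jsonObject: '{"user":"alice","token":"t-123"}',
  // Bare JSON array: a valid expression statement, but its value is discarded.
  jsonArray: '[{"user":"alice"}]',
  // JSONP: the server wraps the data in a call to a function the page defines.
  jsonp: 'cb({"user":"alice","token":"t-123"})',
};

function runSamples() {
  const out = {};
  for (const [name, body] of Object.entries(samples)) {
    out[name] = includeAsScript(body);
  }
  return out;
}

console.log(JSON.stringify(runSamples(), null, 2));
```

Only the padded (JSONP) response hands its data to the including page, which is why a JSONP endpoint returning per-user data has to be treated as cross-origin readable, while an unpadded JSON object response does not have that property.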
