Amir Herzberg wrote:
Lance James wrote:
Amir Herzberg wrote:
Lance James wrote:
...
> https://slam.securescience.com/threats/mixed.html
This site is set so that there is a frame of
https://www.bankone.com inside my
https://slam.securescience.com/threats/mixed.html site. The
imaginativ
Lance James wrote:
Amir Herzberg wrote:
Lance James wrote:
...
> https://slam.securescience.com/threats/mixed.html
This site is set so that there is a frame of https://www.bankone.com
inside my https://slam.securescience.com/threats/mixed.html site. The
imaginative part is that you may hav
Florian Weimer wrote:
* Lance James:
And as stated above, reverse the effect and it would be the banks in
scenarios such as XSS.
In case of XSS or CSRF, you have lost anyway. The web was not
designed as a presentation service for transaction processing,
especially if the transaction
* Lance James:
> And as stated above, reverse the effect and it would be the banks in
> scenarios such as XSS.
In case of XSS or CSRF, you have lost anyway. The web was not
designed as a presentation service for transaction processing,
especially if the transactions involve significant value.
> This site is set so that there is a frame of https://www.bankone.com
> inside my https://slam.securescience.com/threats/mixed.html site. The
> imaginative part is that you may have to reverse the rolls to
understand
> the impact of this (https://www.bankone.com with
> https://slam.securescienc
Amir Herzberg wrote:
Lance James wrote:
...
> https://slam.securescience.com/threats/mixed.html
This site is set so that there is a frame of https://www.bankone.com
inside my https://slam.securescience.com/threats/mixed.html site. The
imaginative part is that you may have to reverse the ro
Florian Weimer wrote:
* Lance James:
Couldn't you just copy (or proxy all content) and get the same effect
without using frames at all?
How would you go about doing that and still get the SSL Lock to remain
as the banks? Can you give an example?
In both cases, you have t
* Lance James:
>>Couldn't you just copy (or proxy all content) and get the same effect
>>without using frames at all?
> How would you go about doing that and still get the SSL Lock to remain
> as the banks? Can you give an example?
In both cases, you have the SSL lock on your own certificate.
Florian Weimer wrote:
* Lance James:
Feature, or flaw?
Couldn't you just copy (or proxy all content) and get the same effect
without using frames at all?
How would you go about doing that and still get the SSL Lock to remain
as the banks? Can you give an example?
Maybe I'm j
Amir Herzberg wrote:
Lance James wrote:
...
> https://slam.securescience.com/threats/mixed.html
This site is set so that there is a frame of https://www.bankone.com
inside my https://slam.securescience.com/threats/mixed.html site. The
imaginative part is that you may have to reverse the ro
* Lance James:
> Feature, or flaw?
Couldn't you just copy (or proxy all content) and get the same effect
without using frames at all?
Maybe I'm just missing something.
-
The Cryptography Mailing List
Unsubscribe by sending "uns
Lance James wrote:
...
> https://slam.securescience.com/threats/mixed.html
This site is set so that there is a frame of https://www.bankone.com
inside my https://slam.securescience.com/threats/mixed.html site. The
imaginative part is that you may have to reverse the rolls to understand
the i
12 matches
Mail list logo