Frederik De Keukelaere [EMAIL PROTECTED] writes:
Would you mind sharing the different data formats you came across for
exchanging data in mashups/Web 2.0? Considering the challenges you
recently discovered, it might be good to have such an overview to look at
it from a security point of view.
Hi Brian, Hi Stefano,
snip
Ok I see the difference.
You are taking advantage of a pure JSON CSRF with an evil script which
contains a modified version of the Object prototype.
And when the callback function is executed you use an XMLHttpRequest in
order to send the information extracted by
Brian,
I don't know if you read it, but Giorgio Fedon and I presented a paper
named Subverting Ajax at the 23rd CCC Congress.
(4th section, XSS Prototype Hijacking)
http://events.ccc.de/congress/2006/Fahrplan/attachments/1158-Subverting_Ajax.pdf
It described a technique called Prototype Hijacking,
Paola [EMAIL PROTECTED]
Date: Mon, 02 Apr 2007 11:11:24 +0200
To: sc-l@securecoding.org sc-l@securecoding.org
Cc: Brian Chess [EMAIL PROTECTED]
Subject: Re: [SC-L] JavaScript Hijacking
I've been getting questions about Ajax/Web 2.0 for a few years now. Most of
the time the first question is along these lines: Does Ajax cause any new
security problems? Until recently, my answer has been right in line with
the answers I've heard from other corners of the world: No.
Then I've