Sunday, 15 August 2010

security - Why same origin policy for XMLHttpRequest


Why do browsers apply the same origin policy to XMLHttpRequest? It's really inconvenient for developers, but it seems to do very little to stop hackers: they can still include JavaScript from external sources (the power behind JSONP).

It looks like an outdated "feature" on a web whose sites are so closely linked to each other.

Because an XMLHttpRequest passes the user's authentication tokens. If the user were logged on to example.com with basic authentication or some cookies, for example, and then visited attacker.com, the latter site could create an XMLHttpRequest to example.com with full authorization for that user and read any personal page that the user could (then

Because putting a secret token in web pages is the way to stop simple cross-site-request-forgery attacks, this means that attacker.com could take any on-page action the user could, without any consent or interaction from them. Global XMLHttpRequest is global cross-site-scripting.

(Even if you had a version of XMLHttpRequest that did not pass authentication, there would still be problems. For example, an attacker could make requests to other non-public machines on your intranet and read any files that can be downloaded from them, which may not be meant for public consumption. <script> tags already suffer from this kind of vulnerability, but the readable responses of XMLHttpRequest would leak all types of files, instead of only those few unfortunately crafted ones that can be parsed as JavaScript.)
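The two points above (cookies travel with every request, and a readable response exposes the anti-forgery token) can be seen in a small in-memory model. This is an added example, not code from the original post; the toy app, the toy browser, the session values and the enforceSameOrigin switch are all constructed for illustration, and the model lets the request reach the server (as a cross-site form post would) so that the token check is what decides the outcome.

```javascript
// Added illustration: in-memory model, no network. All names and values are constructed.
// An origin is scheme + host + port; URL normalises default ports.
const sameOrigin = (a, b) => new URL(a).origin === new URL(b).origin;

// Toy example.com app: one logged-in session, CSRF token embedded in its pages.
function makeApp() {
  const session = { cookie: 'sid=constructed-session', csrf: 'constructed-csrf-token',
                    email: 'user@example.com' };
  return {
    session,
    handle(req) {
      if (req.cookie !== session.cookie) return { status: 401, body: '' };
      if (req.method === 'GET') {
        return { status: 200, body: `<form><input name="csrf" value="${session.csrf}"></form>` };
      }
      // State-changing request: the secret token check is what stops a blind forgery.
      if (req.body.csrf !== session.csrf) return { status: 403, body: '' };
      session.email = req.body.email;
      return { status: 200, body: 'ok' };
    },
  };
}

// Toy browser: the user's cookie is attached to every request to the app, whichever
// page issued it. The response reaches the calling script only if the origin check passes.
function xhr(app, pageUrl, targetUrl, req, enforceSameOrigin) {
  const res = app.handle({ ...req, cookie: app.session.cookie });
  const readable = !enforceSameOrigin || sameOrigin(pageUrl, targetUrl);
  return readable ? res : { status: 0, body: '' }; // opaque to the script
}

// Script running on a foreign page: it needs the token from the form before the
// app will accept a state-changing request.
function foreignPageScript(enforceSameOrigin) {
  const app = makeApp();
  const page = 'https://attacker.com/', target = 'https://example.com/settings';
  const form = xhr(app, page, target, { method: 'GET' }, enforceSameOrigin);
  const m = /name="csrf" value="([^"]+)"/.exec(form.body);
  const token = m ? m[1] : 'guess';
  xhr(app, page, target,
      { method: 'POST', body: { csrf: token, email: 'changed@attacker.com' } }, enforceSameOrigin);
  return { tokenLeaked: m !== null, emailAfter: app.session.email };
}
```

With the policy enforced the token stays secret and the forged change is rejected with 403; with it switched off the same script reads the token and the change succeeds.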

