Paid Advertising is
ha.ckers sla.cking
Q and A on cross site request forgeries and breaking into sessions. It's one of the attacks that XSS enables and the attack of the future. For Session, fixations, hijacking, lockout, replay, session riding etc.... 

Current Page: 1 of 1
Results 1 - 1 of 1
5 years ago
Does anybody have a link to either a theoretical discussion or general issues surrounding the fact that an iframe busting technique like this works (from within an iframe): if ( !== window.self) { setTimeout(function(){document.body.innerHTML='';},1);window.self.onload=function(evt){document.body.innerHTML='';};} But this does not: var1 =; document.write(var
Forum: CSRF and Session Info
Current Page: 1 of 1