same-origin-policy
Convenience or Catastrophe? The Dangers of AI Browsers No One is Talking About
Bar Lanyado | | agent activity monitoring, agentic browser threats, AI agent risks, AI autonomy security, AI browser guardrails, AI browsers, AI-driven security risks, authenticated session risks, browser architectural flaws, Browser Security, cross-domain AI access, cross-origin reasoning, CSP limitations, intent validation, least privilege for AI agents, next-generation browser threats, open-source AI browser risks, prompt injection attacks, reasoning-based attacks, same-origin-policy, session isolation, sop, web security model
AI browsers introduce reasoning-based risks. Learn how cross-origin AI agents dismantle web security and what defenses are needed ...
Security Boulevard
Introducing the Same-origin Policy Whitepaper
Same-origin Policy (SOP) is a set of restrictions originally implemented by Netscape developers to help securely manage the relationships and connections between web resources such as HTML documents and other content, APIs ...
Exploiting Insecure crossdomain.xml to Bypass Same Origin Policy (ActionScript PoC)
Gursev Singh Kalra | | ActionScript, allow-access-from, bypass, crossdomain.xml, Exploit, flash, same-origin-policy
Adobe Flash is among the most popular browser plugins and also ships by default with a couple of popular web browsers. Its widespread prevalence has made it a frequent target of attacks ...
Defeating the Same Origin Policy: Part II
In my last post I gave details of how unsigned applets could bypass the same origin policy in order to make arbitrary network connections; the Sun alert for this issue is here ...
Defeating the Same Origin Policy: Part I
So last week Sun released updated versions of the Java Runtime Environment and with them, a host of Sun Alerts. These are neatly summarised on the Sun Security blog. Over the next ...

