#same-origin-policy

[ follow ]
#cors #security-vulnerability #webkit-browser-engine #apple-security-update #phishing-attack-vector
Information security
fromComputerWeekly.com
2 days ago

Apple issues first Background patch for WebKit browser flaw | Computer Weekly

Apple released a security update addressing CVE-2026-20643, a WebKit vulnerability allowing attackers to bypass the Same Origin Policy and access data from other websites through maliciously crafted web content.
fromTheregister
3 months ago

Novel clickjacking attack relies on CSS and SVG

Security researcher Lyra Rebane has devised a novel clickjacking attack that relies on Scalable Vector Graphics (SVG) and Cascading Style Sheets (CSS). Rebane demonstrated the technique at BSides Tallinn in October and has now published a summary of her approach. The attack, which has yet to be fully mitigated, relies on the fact that SVG filters can leak information across origins, in violation of the web's same-origin policy.
Information security
#cors
fromHackernoon
5 years ago
Web development

A Developer's Guide to Same-Origin Policy (SOP) and Cross-Origin Resource Sharing (CORS) | HackerNoon

fromHackernoon
5 years ago
Web development

A Developer's Guide to Same-Origin Policy (SOP) and Cross-Origin Resource Sharing (CORS) | HackerNoon

more#cors
[ Load more ]