Web Based Application and Basic Cross Domain Security
Cross Domain Security issue is able people attention, as client, site owner or web base developer. With this vulnerability, cross domain security, allowing an attacker to access privat data on client browser in the same browser. We will take the case to clarify the description above by example. Client views a page on a malicious web site, attacker-hacker-site.com and other side is interacting with shopping online, victim-shop-online.com in the same browser, possibly in a different window. Code embedded in the malicious web page from attacker-hacker-site.com might be able to gain access to this user’s session with victim-shop-online.com, learn sensitive data associated with this user within the context of victim-shop-online.com, or maliciously make requests to victim-shop-online.com that appear to originate from this user. This issue was called the vulnerability cross domain security, the interaction of applications on different domains on the same browser used by the client. So, it’s very dangerous.
… continue reading : Web Based Application and Basic Cross Domain Security.
