WordPress.TV

Get Involved

Mike Adams: Developing Secure Widgets: Secure iFrame Communication in a Pre-postMessage World

Share this post Share this Post this

Comments

3 responses to “Mike Adams: Developing Secure Widgets: Secure iFrame Communication in a Pre-postMessage World”

  1. mdawaffe Avatar
    mdawaffe

    Relevant links:

    In development (can you find the bugs?) postMessage library with secure fallback:
    github.com/mdawaffe/xPostMessage

    More details for those looking for inspiration on how to craft real attacks:
    Securing Frame Communication in Browsers:
    A. Barth, C. Jackson, J. C. Mitchell — Stanford Web Security Group
    Proc. of the 17th USENIX Security Symposium. (USENIX Security 2008)
    seclab.stanford.edu/websec/frames/post-message.pdf

    Reply
  2. Mark Jaquith Avatar
    Mark Jaquith

    So people don’t have to watch the whole talk to recall the punchline: Needham—Schroeder Protocol.

    Reply
  3. Daniel Bachhuber Avatar
    Daniel Bachhuber

    Reblogged this on danielbachhuber.

    Reply

Leave a Reply

Video details

Published

August 31, 2011

Tags

Development 226
Plugins 115
widgets 7
WordPress.org 373

Creative Commons License

This work is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.

Discover more from WordPress.TV

Subscribe now to keep reading and get access to the full archive.

Continue reading