|
|
|
|
|
|
by ubernostrum
3290 days ago
|
|
|
If you could find a way of compromising that CVE-2011-0696 (the Django version of a bug that did affect several major things) is what happens when you find a way of getting the browser to make a cross-domain request with custom headers. (the underlying issue there was a combination of a bug in Flash, and the semantics of the HTTP 307 status code) |
|
|