Y
Hacker News
new
|
ask
|
show
|
jobs
by
asddubs
1775 days ago
if they were on the same domain you could load iframes with the parent site and do arbitrary CSRF