|
|
|
|
|
|
by missblit
962 days ago
|
|
|
Besides windows.open I'd wonder if iframes could also be vulnerable if they launch in the same process. Chrome and Firefox both support Out-Of-Process Iframes as part of their security setup; though I'm not sure if Firefox has it enabled by default yet. Firefox even drew some lovely pictures about it here: https://hacks.mozilla.org/2021/05/introducing-firefox-new-si... |
|
|