|
|
|
|
|
|
by M4v3R
4855 days ago
|
|
|
It's not that hard. The browser could simply check against the limits on the subdomain in current top window frame, not individually for all frames/iframes in the document. I guess that Firefox does something along the lines of this that makes it immune to this exploit. |
|
|