by ororlrlrlylyly 4708 days ago
Wait a second, could you not read my Google login session cookie from this page with a seamless iframe to a Google domain? Again, like the person above, I didn't really understand what's going on here.

No cookie/XSS or any real vuln here involved. This is a completely standard design problem of a sandbox domain. Check out http://homakov.github.io/guc.html
Oh, btw, also, you may be interested in window.setTimeout.
I am a JS jedi, but don't spend much time on PoCs.
Google uses a different domain for user content, namely googleusercontent.com.
What's the definition of "user content"?
Untrustworthy scripts, HTML, images, email attachments.
But I'm logged in! It shows my name in the corner. So obviously you could get that cookie, right?
The part with your name is other_origin. I change the content of GUC Page 2 using GUC Page 1 through other_origin (translate.google.com). No XSS or cookies. Just standards :D
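An added example, not from the thread or from Google, showing the reasoning behind the sandbox-domain design discussed above: untrusted user content has to live on a separate registrable domain, because a session cookie scoped to `.google.com` is sent to every subdomain, and a page on the same origin could read the main site's DOM and cookies. The host names and the `hostingRisk` helper are constructed for illustration.

```javascript
// Added example (not from the thread): why a sandbox domain for user content
// must be a separate registrable domain, not merely a subdomain of the main site.
// Uses Node's built-in URL class; run with `node`.

// Same-origin policy: scheme, host and port must all match for two documents
// to share DOM access and document.cookie.
function sameOrigin(a, b) {
  const ua = new URL(a), ub = new URL(b);
  return ua.protocol === ub.protocol &&
         ua.hostname === ub.hostname &&
         ua.port === ub.port;
}

// RFC 6265 domain matching: a cookie with Domain=.google.com is attached to
// requests for google.com itself and for every host ending in ".google.com".
function cookieSentTo(cookieDomain, requestHost) {
  const d = cookieDomain.replace(/^\./, '').toLowerCase();
  const h = requestHost.toLowerCase();
  return h === d || h.endsWith('.' + d);
}

// Hypothetical helper: describe what a user-content page hosted at
// userContentOrigin could reach, given the main site's origin and the
// Domain attribute of its session cookie.
function hostingRisk(mainOrigin, sessionCookieDomain, userContentOrigin) {
  const contentHost = new URL(userContentOrigin).hostname;
  const sharesOrigin = sameOrigin(mainOrigin, userContentOrigin);
  const receivesSessionCookie = cookieSentTo(sessionCookieDomain, contentHost);
  return {
    sharesOrigin,            // script in the content could read the main site's DOM/cookies
    receivesSessionCookie,   // browser sends the session cookie along with content requests
    isolated: !sharesOrigin && !receivesSessionCookie,
  };
}

// Constructed comparison: a subdomain of the main site versus a separate domain.
const onSubdomain = hostingRisk('https://mail.google.com', '.google.com',
                                'https://usercontent.google.com');
const onSandbox   = hostingRisk('https://mail.google.com', '.google.com',
                                'https://abc123.googleusercontent.com');
console.log('subdomain:', onSubdomain);  // receivesSessionCookie: true, isolated: false
console.log('sandbox:  ', onSandbox);    // receivesSessionCookie: false, isolated: true
```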
I seriously admire your patience in replying to comments.