|
|
|
|
|
|
by _jsn
4582 days ago
|
|
|
Admirable, but this doesn't really help the scenario where the outer page is intercepted and modified to serve a different iframe. (This is a common attack on pages that e.g. serve login forms over http, even though the form submits to https. Just change the form in-flight.) |
|
|