
Rich Cannings, Himanshu Dwivedi, Zane Lackey, and Alex Stamos

"Hacking Exposed Web 2.0: Web 2.0 Security Secrets and Solutions"

The port here is 8080, while the other port is assumed to be 80.

Table 2-1 How the Same Origin Policy Works when http://foo.com/bar/baz.html Attempts to Load Certain URLs
In this case, if an attacker can inject HTML or JavaScript in http://xyz.foo.com/anywhere.html, the attacker can inject JavaScript in http://www.foo.com/bar/baz.html, too. This is done by the attacker first injecting HTML and JavaScript into http://xyz.foo.com/anywhere.html that sets the document.domain to foo.com, then loads an iframe to http://www.foo.com/bar/baz.html that also contains a document.domain set to foo.com, and then accesses the iframe contents via JavaScript. For example, the following code in http://xyz.foo.com/anywhere.html will execute a JavaScript alert() box in the www.foo.com domain:

Thus, document.domain allows an attacker to traverse domains.

You cannot put any domain in document.domain. The document.domain must be the superdomain of the domain from which the page originated, such as foo.com from www.foo.com. In Firefox and Mozilla browsers, attackers can manipulate document.
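The same-origin comparison from Table 2-1 and the document.domain relaxation described above, as an added model in JavaScript that is not the book's code; the function names and the sample URLs it checks are assumptions for this example.

```javascript
// Model of the Same Origin Policy and the document.domain relaxation it allows.
// Added illustration (not the book's code); helper names are assumptions and
// the URLs are constructed sample values based on the chapter's examples.

// Break a URL into the (scheme, host, port) triple that the SOP compares.
function parseOrigin(url) {
  const u = new URL(url);
  const port = u.port || (u.protocol === "https:" ? "443" : "80");
  return { scheme: u.protocol.replace(":", ""), host: u.hostname, port };
}

// Strict SOP: all three components must match (foo.com:80 != foo.com:8080).
function sameOrigin(a, b) {
  const x = parseOrigin(a), y = parseOrigin(b);
  return x.scheme === y.scheme && x.host === y.host && x.port === y.port;
}

// A page may set document.domain only to its own host or a superdomain
// suffix of it, e.g. www.foo.com -> foo.com. Returns the value that would be
// stored, or throws as the browser does. The "must contain a dot" check is a
// crude stand-in for the real public-suffix rule (no page may pick "com").
function setDocumentDomain(url, value) {
  const host = parseOrigin(url).host;
  const isSuffix = host === value || host.endsWith("." + value);
  if (!isSuffix || !value.includes(".")) {
    throw new Error(`cannot set document.domain to ${value} from ${host}`);
  }
  return value;
}

// Two documents may script each other if they are same-origin, or if BOTH
// have set document.domain to the same value under the same scheme (the HTML
// spec's "same origin-domain" check compares scheme and domain, not port).
// Setting it on only one side gains nothing. This is the hole the chapter
// describes: xyz.foo.com and www.foo.com both opting down to foo.com.
// Defensive note: the setter is a legacy feature; origin-keyed agent clusters
// (the Origin-Agent-Cluster response header) turn it into a no-op.
function canScript(a, b, domainA, domainB) {
  if (sameOrigin(a, b)) return true;
  if (domainA === undefined || domainB === undefined) return false;
  const x = parseOrigin(a), y = parseOrigin(b);
  return domainA === domainB && x.scheme === y.scheme;
}
```

Running the three checks against the chapter's two hosts shows that neither page can reach the other until both have lowered document.domain to foo.com.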

