Gal Weizman
@weizman.bsky.social
Security (Browser / JavaScript / Client-side) | Focusing on the “Same Origin Concern” | Unfriendly to iframes at MetaMask’s LavaMoat 🌋
"iframes can either share the origin of their embedder or not. While XO iframes are useful and well-used across the web, what are SO iframes used for? Aside for malicious ways to use such iframes, are there any legitimate use cases for them?"
weizmangal.com/2024/12/04/s...
weizmangal.com/2024/12/04/s...
What same origin iframes are used for?
iframes can either share the origin of their embedder or not. While cross-origin iframes are highly useful and are well-used across the web, what are same-origin iframes used for? Aside for malicious ...
weizmangal.com
December 4, 2024 at 1:34 PM
"iframes can either share the origin of their embedder or not. While XO iframes are useful and well-used across the web, what are SO iframes used for? Aside for malicious ways to use such iframes, are there any legitimate use cases for them?"
weizmangal.com/2024/12/04/s...
weizmangal.com/2024/12/04/s...
Tell it it’s wrong, always works for me
November 24, 2024 at 8:34 PM
Tell it it’s wrong, always works for me