Defacing Facebook: A Security Case Study

http-only cookies and make them available via the JavaScript …. wallpost.php server script, passing the hidden values and UID as ….

The DOM provides built-in isolation for third-party code in iFrames. The Same Origin Policy prevents the applications from accessing any of the content from the Facebook servers, including the cookie and the form IDs. However, unlike parsed FBML code, Facebook must pass all user and viewer information to the application. This limits Facebook’s privacy control

Download Defacing Facebook: A Security Case Study pdf from www.cs.berkeley.edu, 5 pages, 88.82KB.