Breaking The Cross Domain Barrier (slides 1 to 47)

  • 1. Breaking The Cross Domain Barrier
  • 2. A Story...
  • 3. Same Origin Policy
  • 4. Same Origin Policy: It’s actually an important rule. You wouldn’t want to have this happen:
  • 5. Same Origin Policy: It’s actually an important rule. You wouldn’t want to have this happen:
  • 6. YEA BUT WHAT IF...
  • 7. The Solution
  • 8. THE END.
  • 9. <RecordScratch.wav>
  • 10. Some Options
  • 11. Post Message
  • 12. Post Message
  • 13. Post Message: What’s it good for?
  • 14. Post Message Works In...
  • 15. JSONP
  • 16. JSONEN: JavaScript Object Notation Except Not (formerly JSONP)
  • 17. JSON
  • 18. JSONP
  • 19. JSONP - Why it’s special
  • 20. How JSONP Works
  • 21. How JSONP Works (hint-hint)
  • 22. How JSONP Works
  • 23. JSONP Is Good For...
  • 24. CORS | Tap the Rockies
  • 25. CORS - HOW?
  • 26. CORS - HOW?
  • 27. CORS - From the Server...
  • 28. CORS - Compatibility (unrelated graph)
  • 29. CORS - What’s it Good For?
  • 30. Document.domain Hackz
  • 31. Window.name: HI! I’m Jerry the Window!
  • 32. Window.name: This is obviously a little simplified. Added to Dojo 2 years ago: http://bugs.dojotoolkit.org/ticket/6893
  • 33. Server Side Proxies (diagram labels: mySite, yourSite, myServer). http://benalman.com/projects/php-simple-proxy/ Works everywhere XHR does.
  • 34. Crazy iFrame Hacks: FACTS
  • 35. Crazy iFrame Hacks (diagram labels: a.com, b.com, a.com)
  • 36. Crazy iFrame Hacks (diagram labels: a.com, b.com, a.com): Change the url hash on the innermost iframe to the message (/#secret)
  • 37. Crazy iFrame Hacks (diagram labels: a.com, b.com, a.com): Have the top level frame read the message on the hash (/#secret)
  • 38. Crazy iFrame Hacks: How to know when to receive data. Fast (where it works).
  • 39. Crazy iFrame Hacks
  • 40. Best of both worlds? A library that will use postMessage first and then a series of different techniques based on which browser you use, but with normalized syntax. http://easyxdm.net/
  • 41. Best of Both Worlds? http://flxhr.flensed.com/
  • 42. What about cookies?
  • 43. What about cookies in Safari?
  • 44. What about cookies in Safari? If we post to an iframe it will thank us by sending cookies. http://anantgarg.com/2010/02/18/cross-domain-cookies-in-safari/
  • 45. Why Cookies? (diagram labels: TotallyNotTrackingYou.com, Other Sites, Holds your unique cookie)
  • 46. Lessons
  • 47. Thanks!
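The "Post Message" slides and the "Crazy iFrame Hacks" slides describe two cross-domain channels: postMessage, and the older trick of writing the message into the URL hash of a nested same-origin iframe and having the top-level frame read it back. The deck's own code is not on this page, so the block below is an added example, not the presenter's code. It writes both channels as pure functions (so it runs under Node without a browser), and it makes the security difference concrete: the hash channel carries no sender identity at all, so the receiver can only validate the payload's shape, while postMessage gives the receiver `event.origin` to check and the sender an explicit `targetOrigin`. The fragment format (`#` followed by URL-encoded JSON with a `type` field), the helper names, the origins `https://a.com` and `https://b.com`, and the fake `postMessage` target are all assumptions made for this example.

```javascript
// Added example (not from the slides): the URL-hash iframe channel and the
// postMessage channel as pure functions, with the receiver-side checks a
// defender wants. Message format and helper names are assumptions.

// ---- Channel 1: message in the URL fragment ("crazy iframe hack") ----

// Sender side. In the deck, the innermost a.com frame (nested inside a b.com
// frame, itself inside top-level a.com) would do: location.hash = encodeHashMessage(msg)
function encodeHashMessage(msg) {
  return '#' + encodeURIComponent(JSON.stringify(msg));
}

// Receiver side. The top-level a.com frame can read the innermost frame's
// location.hash because both are a.com. Nothing in the hash proves who wrote
// it (any frame that can navigate that iframe can set it), so the payload is
// untrusted input: parse defensively and accept only a known shape.
function decodeHashMessage(hash) {
  if (typeof hash !== 'string' || hash.charAt(0) !== '#') return null;
  let parsed;
  try {
    parsed = JSON.parse(decodeURIComponent(hash.slice(1)));
  } catch (e) {
    return null; // bad percent-encoding or non-JSON fragment: drop it
  }
  if (parsed === null || typeof parsed !== 'object' || Array.isArray(parsed)) return null;
  if (typeof parsed.type !== 'string') return null;
  return parsed;
}

// ---- Channel 2: postMessage with explicit origins ----

// Receiver: check event.origin against an allow-list before touching event.data.
// A `message` listener without this check accepts input from any page that
// can obtain a reference to the window.
function handlePostMessage(event, allowedOrigins) {
  if (!allowedOrigins.includes(event.origin)) {
    return { accepted: false, reason: 'origin ' + event.origin + ' not allowed' };
  }
  // Even from an allowed origin the data is still external input: validate shape.
  const data = event.data;
  if (data === null || typeof data !== 'object' || typeof data.type !== 'string') {
    return { accepted: false, reason: 'malformed payload' };
  }
  return { accepted: true, message: data };
}

// Sender: require an explicit targetOrigin. With "*" the browser delivers the
// message even if the target frame has since navigated to another site.
function sendToFrame(targetWindow, payload, targetOrigin) {
  if (typeof targetOrigin !== 'string' || targetOrigin === '*') {
    throw new Error('targetOrigin must be an explicit origin, not "*"');
  }
  targetWindow.postMessage(payload, targetOrigin);
}

// Constructed round trip through both channels (sample data, not captured traffic).
function demo() {
  const hash = encodeHashMessage({ type: 'greeting', body: 'hello via hash' });
  const fromHash = decodeHashMessage(hash);

  const sent = [];
  const fakeFrame = { postMessage: (data, origin) => sent.push({ data, origin }) }; // stand-in for an iframe's contentWindow
  sendToFrame(fakeFrame, { type: 'greeting', body: 'hello via postMessage' }, 'https://b.com');

  const good = handlePostMessage({ origin: 'https://b.com', data: sent[0].data }, ['https://b.com']);
  const bad = handlePostMessage({ origin: 'https://other.example', data: { type: 'greeting' } }, ['https://b.com']);
  return { hash, fromHash, sent, good, bad };
}

console.log(JSON.stringify(demo(), null, 2));
```

The two `decodeHashMessage` guards matter because the hash is writable by any frame that can navigate the inner iframe: the `try` swallows both a malformed percent-encoding (`decodeURIComponent` throws a URIError) and non-JSON text, and the shape check rejects primitives, arrays and objects without a `type`. For postMessage, the origin check happens before any use of `event.data`, and `sendToFrame` refuses the wildcard target so a sensitive payload is never handed to whatever page now occupies the frame.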