Gal Weizman

@weizman.bsky.social

Security (Browser / JavaScript / Client-side) | Focusing on the “Same Origin Concern” | Unfriendly to iframes at MetaMask’s LavaMoat 🌋

38 Followers  |  39 Following  |  5 Posts  |  Joined: 21.11.2023  |  1.5039

Latest posts by weizman.bsky.social on Bluesky

ZB talks about yet another really interesting supply chain ecosystem security concern

Spoiler alert: as always, this results in another wonderful LavaMoat security tool so you can protect yourself against this one too 🫡

30.01.2025 07:51 — 👍 2    🔁 0    💬 0    📌 0

Yoav was the one who helped me navigate attempting to introduce new stuff into our web, it's worth reading his summary of the process

21.01.2025 09:16 — 👍 4    🔁 1    💬 0    📌 0
What same origin iframes are used for? iframes can either share the origin of their embedder or not. While cross-origin iframes are highly useful and are well-used across the web, what are same-origin iframes used for? Aside for malicious ...

"iframes can either share the origin of their embedder or not. While XO iframes are useful and well-used across the web, what are SO iframes used for? Aside for malicious ways to use such iframes, are there any legitimate use cases for them?"

weizmangal.com/2024/12/04/s...

04.12.2024 13:33 — 👍 0    🔁 1    💬 0    📌 0
Guided by @yoav.ws and other great folks on the same origin concern, I had to get my hands dirty with all sorts of web-related things such as Chromium source code, SOP implementation, same vs cross origin iframes usage across the web and more

Decided to turn it into a post👇

04.12.2024 13:33 — 👍 2    🔁 0    💬 1    📌 0

Tell it it’s wrong, always works for me

24.11.2024 20:34 — 👍 2    🔁 0    💬 0    📌 0
