Sign Up to our social questions and Answers Engine to ask questions, answer people’s questions, and connect with other people.
Login to our social questions & Answers Engine to ask questions answer people’s questions & connect with other people.
Lost your password? Please enter your email address. You will receive a link and will create a new password via email.
Please briefly explain why you feel this question should be reported.
Please briefly explain why you feel this answer should be reported.
Please briefly explain why you feel this user should be reported.
From what I understand document.cookie only gets your cookies for the current site you are on. Would it be possible for a malicious site to get around this by using an iFrame, modifying my HTTP header, making a request to the target site or some other method?
DNS Rebinding can be used to bypass Same Origin Policy (SOP) used by browsers to prevent one web site reading other website data like cookies, dom etc
Here is a great video to learn how it works and how to prevent it.