Referrer Policy

Referrer Policy Source: http://caniuse.com/#feat=referrer-policy There are, atm, 5 different ways referrer policy can be delivered as defined by W3C. Setting [...]

Protected: HIDDEN

This content is password protected. To view it please enter your password below: Password: [...]

Forging Content-Type Header With Flash

You might already know how you can forge HTTP request headers using flash. So, to keep it short, I'm talking about [crayon-5a31e2016a2c6989426946-i/] [...]

Stealing CSVs crossdomain

Back in 2008, Chris Evans found it was possible to steal data cross-domain in Firefox using script includes. We can still read his report [...]

HackerOne XSSI – Stealing multi line strings

I assume you already know what XSSI is. If not, here’s a brief introduction cited from Identifier based XSSI attacks; Cross Site Script Inclusion (XSSI) is [...]