Re: Browser bugs hit IE, Firefox today (SANS)

From: 3CO (threecheeseoperagmail.com)
Date: Wed Jul 12 2006 - 14:52:55 CDT


On 7/4/06, Thor Larholm <thorpolypath.com> wrote:
> However, reading the contentDocument property of the DOM element instead
> of through the frames collection will give you a reference to the
> document object inside the thirdparty domain and even allow you to
> overwrite native DOM methods without throwing a security exception, such
> as
> document.getElementById("thirdparty").contentDocument.getElementById=function(s){alert(s)}.

This code throws an exception in Firefox 1.5.0.4:
"Error: uncaught exception: Permission denied to set property HTMLDocument.getElementById"

Just obtaining a reference to the contentDocument works, but any
action on it throws an error.
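
A regression probe for the behaviour discussed in this thread, added here as an example and not code from either poster: it records whether a frame's `contentDocument` can be referenced, read and overwritten, and restores the method if the overwrite succeeds. The function name, result fields and the three frame stand-ins are assumptions constructed for illustration; in a browser the argument would be the `iframe` element under test.

```javascript
// Added example: reports how far parent-page script gets with a frame's document.
function probeFrameIsolation(frame) {
  const result = { reference: false, read: false, overwrite: false, errors: [] };
  const note = (e) => result.errors.push(String(e && e.message ? e.message : e));
  let doc = null;
  try { doc = frame.contentDocument; } catch (e) { note(e); }
  // Current browsers return null here for a cross-origin frame.
  if (doc === null || doc === undefined) return result;
  result.reference = true;

  let original;
  try { original = doc.getElementById; result.read = true; } catch (e) { note(e); }

  const marker = function () {};
  try {
    doc.getElementById = marker;
    if (doc.getElementById === marker) {
      result.overwrite = true;                         // isolation failure
      if (result.read) doc.getElementById = original;  // put the native method back
    }
  } catch (e) { note(e); }
  return result;
}

// Constructed stand-ins for an <iframe> element (not captured from a browser).
const deny = (verb) => (target, prop) => {
  throw new Error(`Permission denied to ${verb} property HTMLDocument.${String(prop)}`);
};
const framesUnderTest = {
  // Behaviour reported in the reply: the reference is handed out, any use throws.
  referenceOnly: { contentDocument: new Proxy({}, { get: deny("get"), set: deny("set") }) },
  // Behaviour described in the quoted message: the method can be replaced.
  overwritable: { contentDocument: { getElementById: function (id) { return id; } } },
  // A frame whose document is not exposed at all.
  hidden: { contentDocument: null },
};

for (const [name, frame] of Object.entries(framesUnderTest)) {
  console.log(name, JSON.stringify(probeFrameIsolation(frame)));
}
```

Only `overwrite: true` indicates broken isolation; a readable reference that rejects every access is the outcome the reply reports for Firefox 1.5.0.4.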