window.error and login checking

Chris pointed me to a new Ajax security hack.

The way it works is by loading a window.onerror handler and then loading a remote site as a <script> tag that will generate a slightly different error when logged in vs. not logged in. That’s pretty clever.

The reason Chris probably chose to add Amazon to this is is because Amazon has a CSRF that will allow you to add any book to the Buy It Now!. Coupled with this script, you can only do it when the attack will actually succeed. Nice.

Hmm, I better check my Amazon account to see if I’ve “accidentally” bought another copy of Chris’s book. 😀

Published by

tychay

light writing, word loving, ❤ coding

Leave a Reply

Your email address will not be published. Required fields are marked *