They don't call it Malware for nothing :-) On Wed, Sep 3, 2014 at 8:11 PM, <> wrote: > > >>so it becomes a part of the client side page request > "against your will" as it were. > > Yes, but this rises a question: > If my window.onerror can get events from some plugin code, this means that > this code is embeded and is treated as if it belonged to my window. > Thus, it has access to everything in my window, including the document, > forms, input fields in the forms, even those containing passwords, etc. > > What kind of breach is that? > > >
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Order the Adobe Coldfusion Anthology now! http://www.amazon.com/Adobe-Coldfusion-Anthology/dp/1430272155/?tag=houseoffusion Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:359228 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/groups/cf-talk/unsubscribe.cfm
