I was referring to what I sniffed in IPC traffic:
NPN_GetProperty is called on "location"
and the returned object is NPN_Invoke'd to call "toString"
Isn't this what you mean? If you observed something else, we should figure
out what the discrepancy is!
On Tue, Jun 9, 2009 at 3:36 PM, Adam Barth <aba...@chromium.org> wrote:
> Flash does something similar, but not *precisely* the same. I stand
> by my statement that the below is insecure.
>
> Adam
>
>
> On Mon, Jun 8, 2009 at 8:08 PM, John Abd-El-Malek<j...@chromium.org> wrote:
> > BTW this is how Flash does it.
> >
> > On Mon, Jun 8, 2009 at 7:47 PM, Adam Barth <aba...@chromium.org> wrote:
> >>
> >> On Mon, Jun 8, 2009 at 1:29 PM, vijay<tec...@gmail.com> wrote:
> >> > We used to use NPN_GetURL with "javascript:document.location" as the
> >> > URL. In the current implementation, after this script is executed in
> >> > WebPluginImpl::ExecuteScript (in src/webkit/glue/webplugin_impl.cc),
> >> > its checking the result value:
> >>
> >> This is not a secure way to determine which page embedded the plug-in.
> >> If you require this value to make a security decision, you should use
> >> a different approach.
> >>
> >> Adam
> >>
> >> > >>
> >
> >
>
--~--~---------~--~----~------------~-------~--~----~
Chromium Developers mailing list: chromium-dev@googlegroups.com
View archives, change email options, or unsubscribe:
http://groups.google.com/group/chromium-dev
-~----------~----~----~----~------~----~------~--~---
