I was referring to what I sniffed in IPC traffic: NPN_GetProperty is called on "location" and the returned object is NPN_Invoke'd to call "toString".
Isn't this what you mean? If you observed something else, we should figure out what the discrepancy is!

On Tue, Jun 9, 2009 at 3:36 PM, Adam Barth <aba...@chromium.org> wrote:
> Flash does something similar, but not *precisely* the same. I stand
> by my statement that the below is insecure.
>
> Adam
>
>
> On Mon, Jun 8, 2009 at 8:08 PM, John Abd-El-Malek<j...@chromium.org> wrote:
> > BTW this is how Flash does it.
> >
> > On Mon, Jun 8, 2009 at 7:47 PM, Adam Barth <aba...@chromium.org> wrote:
> >>
> >> On Mon, Jun 8, 2009 at 1:29 PM, vijay<tec...@gmail.com> wrote:
> >> > We used to use NPN_GetURL with "javascript:document.location" as the
> >> > URL. In the current implementation, after this script is executed in
> >> > WebPluginImpl::ExecuteScript (in src/webkit/glue/webplugin_impl.cc),
> >> > it's checking the result value:
> >>
> >> This is not a secure way to determine which page embedded the plug-in.
> >> If you require this value to make a security decision, you should use
> >> a different approach.
> >>
> >> Adam

--
Chromium Developers mailing list: chromium-dev@googlegroups.com
View archives, change email options, or unsubscribe: http://groups.google.com/group/chromium-dev