Thank you Boris and Daniel, for the information.
Den 10-12-2012 03:11Boris Zbarsky skrev:
1) Loading a cross-site file that can be decoded as an image allows
access to the width and height of the image.
Is this also true for video?
2) Loading a cross-site file with a text/css MIME type a
On 12/8/2012 3:04 PM, Jesper Kristensen wrote:
Related things: XSS is unrelated to my question. CORS allows me to do
the opposite of what I want. CSP restricts how my code can access any
data, whereas I want to restrict how any code can access my data.
CSP may or may not in the future try to pr
On 12/8/12 6:04 PM, Jesper Kristensen wrote:
My web application displays some sensitive information to a logged in
user. The user visits another site without explicitly logging out of my
site first. How do I ensure that the other site can not access the
sensitive information without accept from m
I have been trying to figure out what restriction browsers enforce for
cross origin data access. I would like to find the answer to the
following question:
My web application displays some sensitive information to a logged in
user. The user visits another site without explicitly logging out of