The Source Map Proposal mentions possible XSSI attacks that make the source maps "available to attackers".
Can someone explain how that is a security problem? Aren't "attackers" able to download the source maps directly?
Asked
Active
Viewed 311 times
1 Answers
0
That would be a problem if the source maps contain information based on the requestor's cookie credentials (just like other XSS attacks).
SLaks
- 868,454
- 176
- 1,908
- 1,964
-
Yep, I thought of that. But that seems very unlikely to me. – Johannes Ewald Mar 07 '15 at 11:44