Questions tagged [cross-site]

Cross-site refers to interaction across separate domains of authority.

246 questions
4
votes
1 answer

jquery solutions to post to another site from static html page

Need to post data from a static html page to another page which is hosted on another domain. Normally I'd create an iframe with a form inside of it with a post method, and whose action is directed to that web page, and finally submit that form.…
deostroll
4
votes
4 answers

XSS Cross Site Scripting - Jsp tag

The following piece of code in my JSP caused a cross site scripting vulnerability on the input tag.
Account Id:
Deena
3
votes
1 answer

How to make cross-site POST request with easyXDM?

What I'm trying to do is to implement some simple cross-site client calls to RESTful service. Right now I'm trying to use easyXDM for this purpose. It seems to be working, but when I'm using it according to example…
Piotr Kukielka
3
votes
2 answers

How to test browser for permission before "Unsafe JavaScript attempt to access frame with URL" (Chrome local frame)?

The HTML parent window and iFrame content know about each other and communicate freely when they live on the same web server. When they are saved to DVD, Chrome throws an "Unsafe JavaScript attempt to access frame with URL" when iFrame tries to…
spiraleddy
3
votes
1 answer

Single-sign-on in Extjs 4

How can we implement Single-sign-on in Extjs4 where there are two different domains, domain1.com and domain2.com?
Anand Soni
3
votes
0 answers

Why won't cross site cookies be sent even with https, samesite=none, and secure=true

I'm creating a proof of concept to use cookie authentication with JWTs in ASP.NET Core with a separate UI server (i.e. the UI is hosted on localhost:4200 and the backend on localhost:5001). This repo that exhibits this and the following problem can…
3
votes
1 answer

Telegram login widget broken with cross site cookies disabled

Not so long ago most browsers banned third-party cookies, which broke my Telegram user authorisation flow. For example, with Prevent cross-site tracking option enabled (by default), after authorising the login in Telegram window nothing happens on…
pomo_mondreganto
3
votes
2 answers

What are these warnings for cross-site cookies in my console?

I'm using python 3.7.4, django 3.06, javascript and jquery on windows 7. I'm not sure when it happens but now my console (F12 on firefox) gives me these warnings: Cookie “PGADMIN_KEY” will be soon treated as cross-site cookie against…
fabio
3
votes
1 answer

VueJS - sanitizing output to prevent cross-site scripting attacks

I'm new to VueJS. I started learning about the v-html directive. My question is: how to sanitize output to prevent cross-site scripting attacks?
Adele
3
votes
1 answer

SameSite Cookie Attribute Warning Isn't getting fixed

I am using react.js, and I'm trying to integrate lucky orange into my web app. I added the code snippet in the head tag of the index.html file, but I get a warning saying: A cookie associated with a cross-site resource at http://luckyorange.net/…
Jessica
3
votes
4 answers

Cross-site ajax call to a WCF Service

Is it possible to do a cross-site call, in Javascript, to a WCF service? I don't mind if it's a POST or a GET. But I've heard that these days, browsers don't allow cross-site calls with either POST or GET. How can I circumvent this and still call a…
Jonathan
3
votes
1 answer

Prevent XSS Reflection in JSF

I am supporting a legacy application that uses JSF (and JSP). I am doing my best to prevent XSS by adding validators and escapes to the code as necessary. I'm new to JSF. Code Example (in xhtml):
MrZii
3
votes
2 answers

ESAPI for XSS prevention not working

I am working on fixing cross-site scripting issues in our code, mainly in JSPs. Below is the original code //scriplet code <% String userId = request.getParameter("sid"); ...%> and in the same JSP they have
Pro
3
votes
3 answers

Preventing spam bots on site?

We're having an issue on one of our fairly large websites with spam bots. It appears the bots are creating user accounts and then posting journal entries which lead to various spam links. It appears they are bypassing our captcha somehow --…
Mike
3
votes
1 answer

Content Security policy not loading files from localhost

I am trying to make a chrome application and want to use the livereload so as to automatically update my when I make changes. But I am getting the following message — Error Message: Refused to load the script 'http://localhost:35729/livereload.js'…