I have an existing jQuery plugin which makes a lot of AJAX calls (mostly JSON). I am wondering what is the quickest to allow it to do cross-site calls i.e. the $.get and $.post URL's will not be from the same domain.  I have heard of JSONP, but w...
Chrome is giving me the following warning:     A cookie associated with a cross-site resource at http://quilljs.com/   was set without the SameSite attribute. A future release of Chrome   will only deliver cookies with cross-site requests if they are...
We use Shibboleth's SingleSingOut(SSO) to do the authentication.Shibboleth is an open-source project which has been integrated into our project. Shibboleth will do the redirect to login.jsp page, if the user has not been authenticated.Now we have...
I have to call domain A.com (which sets the cookies with http) from domain B.com. All I do on domain B.com is (javascript):   var head = document.getElementsByTagName("head")[0]; var script = document.createElement("script"); script.s...
I have a HTML select Tag in my JSP  <%@ taglib prefix="esapi"   uri="http://www.owasp.org/index.php/Category:OWASP_Enterprise_Security_API"%>      <select>        ...       <option value="volvo">${device.name...
Is it possible to do a cross-site call, in Javascript, to a WCF service?  I don't mind if it's a POST or a GET.  But I've heard that these days, browsers don't allow cross-site calls with either POST or GET.  How can I circumvent this...
On our site www.foo.com we want to download and use http://feeds.foo.com/feed.xml with Javascript. We'll obviously use Access-Control but for browsers that don't support it we are considering the following as a fallback:  On www.foo.com, we s...
The HTML parent window and iFrame content know about each other and communicate freely when they live on the same web server. When they are saved to DVD, Chrome throws an "Unsafe JavaScript attempt to access frame with URL" when iFrame tries...
I need to use the Encode.forHtml() in a js file. i'm using the jar Recommended by OWASP - encoder-1.2.jar i'm following the details given in this page https://www.owasp.org/index.php/OWASP_Java_Encoder_Project#tab=Use_the_Java_Encoder_Project...
I am trying to build some kind of branding tool, which adds a branding to a chosen image and lets the user download the image again. This works perfectly fine on many Browsers, but Opera and IE throw a security Error which makes me think that soon ot...

Tags

Recent Questions

Top Questions

Home Tags Terms of Service Privacy Policy DMCA Contact Us

©2020 All rights reserved.