D23568: Call window.postMessage with targetOrigin
Fabian Vogt
noreply at phabricator.kde.org
Thu Aug 29 16:20:05 BST 2019
fvogt added a comment.
> Always provide a specific targetOrigin, not *, if you know where the other window's document should be located. Failing to provide a specific target discloses the data you send to any interested malicious site.
I wonder whether that is relevant to us?
REPOSITORY
R856 Plasma Browser Integration
REVISION DETAIL
https://phabricator.kde.org/D23568
To: broulik, #plasma, ognarb, fvogt, davidedmundson
Cc: plasma-devel, LeGast00n, The-Feren-OS-Dev, jraleigh, fbampaloukas, GB_2, ragreen, Pitel, ZrenBot, himcesjf, lesliezhai, ali-mohamed, jensreuterberg, abetts, sebas, apol, mart
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.kde.org/pipermail/plasma-devel/attachments/20190829/a073a65b/attachment.html>
More information about the Plasma-devel
mailing list