The Postman Always Rings Twice: Attacking and Defending postMessage in HTML5 Websites
Sooel Son and Vitaly Shmatikov, The University of Texas at Austin
20th NDSS Symposium (February 2013)
Introduction
• Web browsers isolate content based on its origin (the same origin policy).
• Popular sites often include third-party content:
  • advertisements
  • buttons for social recommendations
  • …
• These pieces of content need to communicate with each other.
A Seminar at Advanced Defense Lab
HTML5
• HTML5 includes the postMessage facility, which enables a script to send a message to a window regardless of their respective origins.
postMessage
• Sender (may be invoked by third-party script):
  • window.postMessage(message, targetOrigin [, transfer])
• The browser uses targetOrigin to verify the origin of the receiving window before delivering the message.
Message Event
• The event listener may be registered by third-party script.
• Some message event object members:
  • data: the message payload
  • origin: the sender's origin
  • source: the WindowProxy of the browsing context of the Window object from which the message came
Two Problems with postMessage
• Senders need to specify targetOrigin (Barth et al., USENIX Security 2008).
• Receivers need to verify event.origin (this paper).