Probable security leak in v.10. called "Aurora".
See screenshot Then one logged in to Google sites account, and then opens http://genuslupae.co.nr/ which is third-party framed re-director to my own Google site, Aurora mixes http top frame with https child frame with private Google logged user data, at least e-mail address. security.warn_viewing_mixed is set to true. MSIE 8 do not warns me also, but it shows HTTP, not HTTPS, as properly asked by my top frame:
<frameset rows="100%,*" frameborder="NO" border="0" framespacing="0"> <frame name="conr_main_frame" src="http://sites.google.com/site/repertiziani/"> </frameset>
この投稿は genuslupae により に変更されました
選ばれた解決策
NO WAY!
While one (top frame owner) tries to access they "own" frames collection via javaScript located in the header section or in the event call string, it will be stopped just after window.frames[0]!
[20:29:53.186] Error: Permission denied to access property 'document'
love Aurora
この回答をすべて読む 👍 0すべての返信 (2)
O.K., You had The Chance, guys.
選ばれた解決策
NO WAY!
While one (top frame owner) tries to access they "own" frames collection via javaScript located in the header section or in the event call string, it will be stopped just after window.frames[0]!
[20:29:53.186] Error: Permission denied to access property 'document'
love Aurora