Skip to content

Category Archives: iframes

IFrames security summary

I’ve decided to collect the various proof of concepts I’ve done and summarise why iframes are a security risk. Here are the top reasons:-
1. Browser cross domain exploits
Description:-
Because you can embed another web site inside your page, you can exploit that page and perform actions as that user and doing anything on a chosen web [...]

Posted 24 October 2007 Gareth Heyes § Security § javascript Comments (5)