How to extract the Cookie of a website after the iframe cross-site is successful
Source: Internet
Author: User
How can I extract the Cookie of a website after the iframe cross-site is successful? Recently, xss is being studied. by default, iframe is forbidden to send storedcookies. Is there really no way to use iframe to extract cookies after cross-site access? Look at your fingers and drop your eyes ., Don't think about it. it's just a whimsical idea. if you can, how can we extract cookies from websites after the iframe cross-site success?
Recently, xss is being studied. by default, iframe is forbidden to send stored cookies. Is there really no way to use iframe to extract cookies after cross-site access?
Look at your fingers and drop your eyes.
------ Solution --------------------
Don't think about it. it's just a whimsical idea. if you can, your information is not guaranteed. generally, websites use the advertising system. Such as Baidu and google. If yes. You have obtained the user's login cookie and then simulated the cookie. Then you can log on with this user. The browser does not do this. flash does not know but does not. However, you must add a configuration file on the server.
The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion;
products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the
content of the page makes you feel confusing, please write us an email, we will handle the problem
within 5 days after receiving your email.
If you find any instances of plagiarism from the community, please send an email to:
info-contact@alibabacloud.com
and provide relevant evidence. A staff member will contact you within 5 working days.