WebGL Flaw

Post a reply

This question is a means of preventing automated form submissions by spambots.
:D :) ;) :( :o :shock: :? 8-) :lol: :x :P :oops: :cry: :evil: :twisted: :roll: :!: :?: :idea: :arrow: :| :mrgreen: :geek: :ugeek:

BBCode is ON
[img] is ON
[flash] is OFF
[url] is ON
Smilies are ON
Topic review

Expand view Topic review: WebGL Flaw

Re: WebGL Flaw

Post by therube » Sat May 14, 2011 1:23 pm

WebGL & Security

> The blacklist can be deployed daily without a full software update so we can respond rapidly to any issues.

Wonder that might entail as far as the numbers, upkeep, ...

Re: WebGL Flaw

Post by Giorgio Maone » Tue May 10, 2011 2:53 pm

It's not trivial, since they're seen as normal cross-site image loads.

However, the attack requires JavaScript enabled on the attacker's site, so NoScript already protects against it.

WebGL Flaw

Post by kiwi » Tue May 10, 2011 11:21 am


can you add an option to disable WebGL or to block cross-domain request?