WebGL Flaw

Post a reply

Smilies
:D :) ;) :( :o :shock: :? 8-) :lol: :x :P :oops: :cry: :evil: :twisted: :roll: :!: :?: :idea: :arrow: :| :mrgreen: :geek: :ugeek:

BBCode is ON
[img] is ON
[url] is ON
Smilies are ON

Topic review
   

Expand view Topic review: WebGL Flaw

Re: WebGL Flaw

by therube » Sat May 14, 2011 1:23 pm

WebGL & Security

> The blacklist can be deployed daily without a full software update so we can respond rapidly to any issues.

Wonder that might entail as far as the numbers, upkeep, ...

Re: WebGL Flaw

by Giorgio Maone » Tue May 10, 2011 2:53 pm

It's not trivial, since they're seen as normal cross-site image loads.

However, the attack requires JavaScript enabled on the attacker's site, so NoScript already protects against it.

WebGL Flaw

by kiwi » Tue May 10, 2011 11:21 am

http://www.contextis.co.uk/resources/blog/webgl/

can you add an option to disable WebGL or to block cross-domain request?

Thanks!

Top