Page 1 of 1

another reason to block flash

Posted: Sat Jul 12, 2014 11:01 pm
by morganism

Re: another reason to block flash

Posted: Sun Jul 13, 2014 11:03 am
by therube
Is nothing sacred anymore!

Re: another reason to block flash

Posted: Mon Jul 14, 2014 5:56 am
by Thrawn
It's cross-site Flash injection! Clever.

I don't know whether NoScript's built-in CSRF protection would protect against this, but I suspect not, because the Flash object is apparently being loaded from the victim. It probably wouldn't trip the XSS filter either.

RequestPolicy would do the job.