Users login

Create an account »

JOIN XATRIX

Users login

Home » Hacking News » Opera Cross-Site Scripting

Opera Cross-Site Scripting

by phiber on November 18th, 2001 It is possible to construct malicious script code on a webpage, which when executed by Opera web browser, is able to affect another domain.


In short, Opera does not properly implement the "Same Origin Policy" enforced by other browsers. The danger is that one website may be able to access the cookie-based authentication credentials of another website.



Solution:

- Disable execution of JavaScript

- Enable "Use cookies to trace password protected documents".


Credits go to Georgi Guninski.


Newsletter signup

Signup to our monthly newsletter and stay in touch with IT news!

Free E-books

We've got ebooks! But they're not online. :( Please give us a few days to bring downloads back.

Contact

Have something to say or just wanna drop us a line? Please keep this in mind: to spam, we reply with spam.

Contact us »