postMessage() IV
This exercise covers how insecure calls to the JavaScript function postMessage() can be used to leak sensitive information when a listener does not filter the origin and X-Frame-Options is used
PRO
content
MEDIUM
Difficulty
Less than an hour
on average
399
Completed this exercise
Course
Make sure you check out PentesterLab PRO and PentesterLab PRO Enterprise to develop your skills.