User:TechnoSquirrel69/sandbox

From Wikipedia, the free encyclopedia

TS

hmm

Cross-site leaks [edit]

Example of a cross-site leak
  • In the absence of a third party, the user's browser sends the web server an HTTP request. The server then sends an ""encrypted"" HTTP response.
    In the absence of a third party, the user's browser sends the web server an HTTP request. The server then sends an ""encrypted"" HTTP response.
  • An attacker identifies a vulnerable URL and phishes the user to their website using an email. The attacker can now send malicious HTTP requests to the web server using the vulnerable URL.
    An attacker identifies a vulnerable URL and phishes the user to their website using an email. The attacker can now send malicious HTTP requests to the web server using the vulnerable URL.
  • The server sends an ""encrypted"" HTTP response that the attacker cannot read. However, observing other factors like the response time or size can lead to side-channel information leakage.
    The server sends an ""encrypted"" HTTP response that the attacker cannot read. However, observing other factors like the response time or size can lead to side-channel information leakage.
Example of a cross-site leak
Colored dice with white background
In the absence of a third party, the user's browser sends the web server an HTTP request. The server responds with a response depending on the request sent.
Colored dice with checkered background
An attacker identifies a vulnerable URL and phishes the user to their website using an email. When the user goes to the attacker's website, the attacker can make a malicious HTTP requests to the web server using the vulnerable URL.
Colored dice with checkered background
Reading the response to the malicious request sent by the attacker is blocked by the browser. However other factors like the response time or size can be measured by the attacker, leading to information about the user leaking to the attacker.
  • In the absence of a third party, the user's browser sends the web server an HTTP request. The server responds with a response depending on the request sent.
    In the absence of a third party, the user's browser sends the web server an HTTP request. The server responds with a response depending on the request sent.
  • An attacker identifies a vulnerable URL and phishes the user to their website using an email. When the user goes to the attacker's website, the attacker can make a malicious HTTP requests to the web server using the vulnerable URL.
    An attacker identifies a vulnerable URL and phishes the user to their website using an email. When the user goes to the attacker's website, the attacker can make a malicious HTTP requests to the web server using the vulnerable URL.
  • Reading the response to the malicious request sent by the attacker is blocked by the browser. However other factors like the response time or size can be measured by the attacker, leading to information about the user leaking to the attacker.
    Reading the response to the malicious request sent by the attacker is blocked by the browser. However other factors like the response time or size can be measured by the attacker, leading to information about the user leaking to the attacker.
edit | discuss
Nurture
7 articles
"Get Your Wish"
"Look at the Sky"
"Something Comforting"
"Musician"
"Mirror"
"Unfold"
edit | discuss
Porter Robinson albums
4 articles
Worlds
Nurture (subtopic)
Test

Test.[1] How bout this and this

Retrieved from "https://en.wikipedia.org/w/index.php?title=User:TechnoSquirrel69/sandbox&oldid=1222805014"