Basic HTML version of Foils prepared April 7 1998

Foil 127 Targets-2

From Basic Principles of Java and Internet Security CPS616 Web Technologies -- Spring 98. by Geoffrey C. Fox


The followings are some samples of system targets and the JavaScript methods that require privileges to check them:
UniversalFileRead:Setting a file upload widget
UniversalSendMail:Submitting a form to a mailto
UniversalBrowserRead:Using an about: URL other than about:blank
UniversalBrowserWrite:Setting any property of event object
UniversalBrowserRead: Getting the value of the data property DragDrop event
UniversalBrowserRead: Getting the value of any property of history object
UniversalPreferencesRead/Write: Getting setting the value of a preference of navigatorobject using the preference method



© Northeast Parallel Architectures Center, Syracuse University, npac@npac.syr.edu

If you have any comments about this server, send e-mail to webmaster@npac.syr.edu.

Page produced by wwwfoil on Mon Apr 6 1998