picostitch
crafting (and) JavaScript

Learn about URL parsing in real life

Wolfram Kriesing - April 6, 2020 - tagged with: #programming #URL #web #browsers #chrome #iOS #Apple #security #hacking #video #knowledgebase

There is a uXSS bug in Chrome on iOS, which is actually a WebKit bug. But Chrome fixes it on iOS by crashing the browser, because this was the fastest way to fix it. Alright ...

If you dont have the 16 minutes (or 8 minutes in double speed) to watch this video, start here (at minute 11) and you will see there is enough to learn about URL parsing, how browser work, the browser history, world and iOS restrictions and more. Later you will also learn that understanding, finding and reporting those kind of (rare) bugs can make you a bit of money too.

Oh, actually I found this video through this very interesting blog post "Webcam Hacking, The story of how I gained unauthorized Camera access on iOS and macOS ".