WebApp Sec mailing list archives
RE: Passing data between frames
From: "Vinny Bedus" <vbedus () BitChangers com>
Date: Fri, 28 Mar 2003 16:31:10 -0500
Chris, The best way would then have to be in sessions. Your only other options would be cookies (not secure) or as a url string (not secure). There is the possibility of posting from a form on the one page to a form on the other frame. This is complicated, and may not work for your app. Just my two cents. Vinny Bedus Bit Changers http://www.bitchangers.com/ -----Original Message----- From: Chris Neil [mailto:Chris.Neil () abs-ltd com] Sent: Friday, March 28, 2003 5:34 AM To: 'webappsec () securityfocus com' Subject: Passing data between frames What would people recommend as the best way to pass sensitive data between frames? The frames are separate web sites hosted on the same machine. (if it matters it's IIS) Chris Neil Security Officer Chris.Neil () abs-ltd com ------------------------------------------- ABS http://www.abs-ltd.com/ Tel: +44 (0) 1993 771221 Fax: +44 (0) 1993 775081 -------------------------------------------
Current thread:
- Passing data between frames Chris Neil (Mar 28)
- RE: Passing data between frames Vinny Bedus (Mar 28)
- <Possible follow-ups>
- Re: Passing data between frames Mark Reardon (Mar 28)
- Re: Passing data between frames Bear Giles (Mar 28)
- Re: Re: Passing data between frames Mark Reardon (Mar 31)