Home / 2016 / November

Monthly Archives: November 2016

Abusing of Protocols to Load Local Files, bypass the HTML5 Sandbox, Open Popups and more

On October 25th, the fellows @MSEdgeDev twitted a link that called my attention because when I clicked on it (being on Chrome) the Windows Store App opened. It might not surprise you, but it surprised me! As far as I remembered, Chrome had this healthy habit of asking the user before opening external …

Read More »

Bypassing Mixed Content Warnings – Loading Insecure Content in Secure Pages

There are no doubts that the web is moving forward to HTTPS (secure) content. Most important names have today their certificates ready and their websites are in effect, secure. But have you ever wandered: secure to what extent? It’s clear that content served through HTTPS is protected from man in …

Read More »