Vote count: 0
When I embedded a JS hosted on lets say, xyz.com on an webpage hosted on abc.com, it seemed xyz.com/test.js could read and write all key-values set on and by abc.com. Isn't that considered huge security hole? Are sites advised to not store any user sensitive information in localstorage when you are planning to use any third-party JS like from Google Analytics?
asked 44 secs ago
Can a third-party JS access first-party localstorage?
Aucun commentaire:
Enregistrer un commentaire