Instead the attacker would need the ability to inject script to trigger a postMessage, i.e. it needs Cross-Site-Scripting (XSS).
確定! 回上一頁
