Skip to content

Commit

Permalink
Browse files Browse the repository at this point in the history
Update postmessage-broadcasts.md
Tweak in last sentence
  • Loading branch information
goedi02 committed Nov 24, 2020
1 parent 67796a3 commit 9e2767a
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion content/docs/attacks/postmessage-broadcasts.md
Expand Up @@ -25,7 +25,7 @@ Applications often use [postMessage broadcasts](https://developer.mozilla.org/en

## Defense

There is no clear solution to mitigate this XS-Leak as it depends deeply on the purpose of sending a postMessage broadcast. Applications should limit postMessage communications to a group of known origins, and, when this is not possible, the communications should behave consistently regardless of the state to prevent attackers from inferring any differences.
There is no clear solution to mitigate this XS-Leak as it depends deeply on the purpose of sending a postMessage broadcast. Applications should limit postMessage communications to a group of known origins. When this is not possible, the communications should behave consistently regardless of the state to prevent attackers from inferring information based on differences between the communications.

## References

Expand Down

0 comments on commit 9e2767a

Please sign in to comment.