Google Blogoscoped


Google Gears WorkerPool API vulnerability reported

Juha-Matti Laurio [PersonRank 10]

Tuesday, December 9, 2008
15 years ago2,572 views

Version 0.5.4 reportedly includes a fix:

<<Google Gears is prone to a vulnerability that allows attackers to violate the same-origin policy. This issue occurs because the application fails to properly enforce the same-origin policy when handling WorkerPool objects.>>

[edit: snippet added. -Philipp]

Forum home


Blog  |  Forum     more >> Archive | Feed | Google's blogs | About


This site unofficially covers Google™ and more with some rights reserved. Join our forum!