Link to this headingJavascript

Link to this headingWASM

Decompile WebASM

Link to this headingIframe

sanboxed, allow-same-origin

Link to this headingDOM Clobbering

If there are three nested iframes if the top and leaf iframes are the same domain they can interact with each other.

JS makes variables from the names of the id/name of certain elements. This does not overwrite variables but does make them if they don’t exist.

<!DOCTYPE html> <html> <body> <h1 id="dog">BOW!</h1> <script> //Alerts [object HTMLHeadingElement] alert(dog) </script> </body> </html>

Link to this headingJS Evaluation

https://github.com/pyppeteer/pyppeteer