Categories
  Encyclosphere.org ENCYCLOREADER
  supported by EncyclosphereKSF

WYCIWYG

From HandWiki - Reading time: 1 min

What You Cache Is What You Get (WYCIWYG) is a Uniform Resource Identifier (URI) scheme commonly displayed in the address bar of Gecko-based Web browsers like Mozilla Firefox as wyciwyg:// when the Web browser is retrieving cached information. WYCIWYG is a play on the related acronym WYSIWYG (What You See Is What You Get).

Usage

Mozilla Firefox implements a registered, strictly internal wyciwyg URI scheme to sort and later reference locally cached pages that were generated or modified by a script on the client side (a common practice for Web 2.0 sites).

Security issues

In 2007 Michał Zalewski reported that it was possible to bypass the same-origin checks and read from cached (wyciwyg) documents. It was possible at that time to access wyciwyg:// documents without proper same domain policy checks. This could have enabled an attacker to steal sensitive data, perform cache poisoning and execute their own code or display own content with URL bar and SSL certificate data of the original page (URL spoofing).[1] This was fixed in Firefox 2.0.0.5 and SeaMonkey 1.1.3.[2]

References




Licensed under CC BY-SA 3.0 | Source: https://handwiki.org/wiki/WYCIWYG
8 views | Status: cached on July 21 2024 03:40:45
↧ Download this article as ZWI file
Encyclosphere.org EncycloReader is supported by the EncyclosphereKSF