The Same Origin Policy - Hacker History

2022-07-23

[public] 15.7K views, 6.61K likes, dislikes audio only

In 1995 Netscape invented JavaScript (LiveScript) and it marked the start of client-side web security issues. In this video we explore this history and learn about the same origin policy (SOP).

Cookies Explained: https://web.archive.org/web/19970605224124/http://help.netscape.com/kb/client/970226-2.html

Netscape 2.0b1 LiveScript: https://web.archive.org/web/20021212124306/http://wp.netscape.com:80/eng/mozilla/2.0/relnotes/windows-2.0b1.html

Netscape 2.0b2 JavaScript: https://web.archive.org/web/20041211182909/http://wp.netscape.com/eng/mozilla/2.0/relnotes/windows-2.0b2.html

JavaScript Documentation: https://web.archive.org/web/19970613234917/http://home.netscape.com/eng/mozilla/2.0/handbook/javascript/index.html

Netscape 2.02 Security Fixes: https://web.archive.org/web/20030711134218/http://wp.netscape.com/eng/mozilla/2.02/relnotes/windows-2.02Gold.html#Security2

Netscape 3: https://web.archive.org/web/20020808153106/http://wp.netscape.com:80/eng/mozilla/3.0/handbook/javascript/advtopic.htm#1009533

Bugtraq Java Applet RCE: https://seclists.org/bugtraq/1996/Jun/27

Donate to Web Archive: https://archive.org/donate/

Chapters:

00:00 - Intro and Motivation

00:43 - How the Internet Works

01:43 - Online Services in 1994/95

03:08 - JavaScript Released in 1995

04:40 - HTML frames and framesets

05:16 - Cross-Domain Attack Example

06:54 - Fixing the Attack

08:00 - The First Web Exploit?

08:37 - The Same Origin Policy (SOP)

09:35 - Historical Context: Crashes, Java Applets, ...

11:06 - Outro and Shoutout

-=[ ❤️ Support ]=-

→ per Video: https://www.patreon.com/join/liveoverflow

→ per Month: https://www.youtube.com/channel/UClcE-kVhqyiHCcjYwcpfj9w/join

-=[ 🐕 Social ]=-

→ Twitter: https://twitter.com/LiveOverflow/

→ Instagram: https://instagram.com/LiveOverflow/

→ Blog: https://liveoverflow.com/

→ Subreddit: https://www.reddit.com/r/LiveOverflow/

→ Facebook: https://www.facebook.com/LiveOverflow/