Guest Blog Post: Leaking silhouettes of cross-origin images – Attack & Defense
This blog post is one of several guest blog posts, where we invite participants of our bug bounty program to write about bugs they’ve reported to us. This is a writeup of a vulnerability I found in Chromium and Firefox that could allow a malicious page to read some parts of an image located on an origin it is not supposed to be able to access. Although technically interesting, it is quite limited
wasm-bindgen/web-sysã§WebRTC - console.lealog();
ã£ã¦ã„ã†ã®ã‚’ã‚„ã£ã¦ã¿ãŸã€‚ ã„ã¡ãŠã†ã‚„ã£ãŸã®ã§ã€å…¬å¼ã®exampleã«ã‚‚PRも出ã—ã¦ã€ãƒžãƒ¼ã‚¸ã—ã¦ã‚‚らã£ãŸã€‚ TL;DR ã‚„ã£ã¦ã¿ãŸã¯ã„ã„ãŒã€ã“ã®ã‚³ãƒ¼ãƒ‰ã‚’ã‚ã–ã‚ã–Rustã§æ›¸ããŸã„モãƒãƒ™ãƒ¼ã‚·ãƒ§ãƒ³ãŒã¯ãŸã—ã¦ã‚ã‚‹ã‹ãƒ»ãƒ»ï¼Ÿã¨ã„ã†æ„Ÿæƒ³ã€‚ ãã‚Œã§ã„ã†ã¨ãã‚‚ãã‚‚`web-sys`を使ã„ãŸã„ã®ã£ã¦ã©ã†ã„ã†ã‚±ãƒ¼ã‚¹ãªã‚“ã‚„ã‚ã†ãƒ»ãƒ»ã¨ã¾ã§æ€ã£ã¦ãŸã‚Šã€‚ What is a reason for using web-sys except for team has no javascript skills? - help - The Rust Programming Language Forum ã‚ã‹ã‚‹ã‚ˆãã®æ°—æŒã¡ã€‚ ã‚„ã£ã¦ã¿ãŸã‚³ãƒ¼ãƒ‰ https://github.com/rustwasm/wasm-bindgen/blob/master/examples/webrtc_datachannel/src/lib.rs 1ã¤
Rust x WASMã®yewã§TodoAppを作ã£ã¦ã¿ãŸ - console.lealog();
話題ã«ãªã£ã¦ãŸã®ã¯åŽ»å¹´ãらã„ãªæ°—ã‚‚ã™ã‚‹ã—今ã•ã‚‰æ„Ÿã¯ã‚ã‚‹ã‘ã©ã€ä»Šã ã‹ã‚‰ã“ãã™ã”ã„化ã‘ã¦ãŸã‚Šã—ãªã„ã‹ãªãƒ¼ã¨ã„ã†æœŸå¾…ã‚‚è¾¼ã‚ã¦ã€‚ 個人的ã«ã¯ã€WASMã§Webアプリを作る時代ã«ãªã‚‹ã¨ã¯ã‚ã¾ã‚Šæ€ãˆã¦ãªã„ã‘ã©ã€ã¾ã試ã—ã¦ãŠã価値ã¯ã‚ã‚‹ã‹ãªã¨æ€ã„ãã®å¦ã³ã‚’メモ。 yewstack/yew GitHub - yewstack/yew: Rust / Wasm framework for building client web apps Rustã§Reactã£ã½ã„コードãŒæ›¸ã‘ã¦ã€ãã‚ŒãŒWASMã§å‹•ãã®ã§ã€åž‹ã‚ã‚Šã§ã¡ã‚‡ã£ã±ã‚„ãªWebアプリãŒä½œã‚Œã‚‹ãœï¼ã£ã¦ã„ã†ã‚„ã¤ã€‚ 今ã®ãƒãƒ¼ã‚¸ãƒ§ãƒ³ã¯`0.11.0`ã§ã€æœ€å°ã®ã‚³ãƒ¼ãƒ‰ã¯ã“ã‚“ãªæ„Ÿã˜ã€‚ use yew::{html, Callback, ClickEvent, Component, ComponentLink, Html, ShouldRender}; struct
関数型プãƒã‚°ãƒ©ãƒžã‹ã‚‰ã¿ãŸRust | κeenã®Happy Hacκing Blog
C++ã‹ã‚‰Rustã«å…¥ã£ãŸäººã‚ãŸã‚Šã‹ã‚‰ã€Œé–¢æ•°åž‹è¨€èªžã‹ã‚‰æ¥ãŸäººã®Rustã®æ„Ÿæƒ³ã‚’知りãŸã„ã€ã¨ãŸã¾ã«è¨€ã‚れるã®ã§ã„ã¤ã‹ãƒ–ãƒã‚°æ›¸ã“ã†ã‹ã€‚ — κeen (@blackenedgold) 2017å¹´4月3æ—¥ イントムç§ã¯Rustã‚’ã‚„ã‚‹å‰ã«ã¯Common Lispã‚„SMLを主ã«ä½¿ã£ã¦ã„ã¾ã—ãŸãŒã€ä»•äº‹ã§ã¯Scalaを使ã£ã¦ã„ã¾ã—ãŸã—ä»–ã«ã‚‚OCamlã‚„Schemeã‚„Clojureã‚„ATS2ã‚„Haskellãªã©ã‚’書ãã“ã¨ã‚‚ã‚ã‚Šã¾ã—ãŸã€‚ ç§ã‚’å«ã‚ãŸå¤šãã®é–¢æ•°åž‹è¨€èªžçµŒé¨“者人ãŒä¸€åº¦ã¯ Rust for functional programmers ã‚’èªã‚“ã ã“ã¨ãŒã‚ã‚‹ã‹ã¨æ€ã„ã¾ã™ã€‚ ã“ã®ã‚ˆã†ã«é–¢æ•°åž‹è¨€èªžã¨æ¯”較ã—ã¦æ›¸ã‹ã‚Œã‚‹ã¨ã„ã‹ã«ã‚‚ä¼¼ãŸè¨€èªžã«è¦‹ãˆã‚‹ã®ã§ç§ã¯èˆˆå‘³ã‚’æŒã¡ã¾ã—ãŸã€‚ãã“ã§ç§ã¯å®Ÿéš›ã«Rustã«è§¦ã‚Œå§‹ã‚ãŸã®ã§ã™ã€‚ 構文 let ãŒã‚ã‚‹ã®ã§ãŠã‚ˆãOCamlãªã©ã«ä¼¼ã¦ã„ã‚‹ã¨ã„ã†å°è±¡ã‚’å—ã‘ã¾ã—ãŸã€‚ デフォルトã§ã‚¤ãƒŸ
ã€è¿½è¨˜ã‚り】「京都市新型コãƒãƒŠãƒ¯ã‚¯ãƒãƒ³æŽ¥ç¨®ãƒãƒ¼ã‚¿ãƒ«ã‚µã‚¤ãƒˆã€ã®ã‚ˆãã‚ã‚‹ãŠå•åˆã›ã‚’HTML化ã—ã¾ã—㟠- ã±ã™ãŸã‘日記
追記 2021/05/31 22:45 京都市新型コãƒãƒŠãƒ¯ã‚¯ãƒãƒ³æŽ¥ç¨®ãƒãƒ¼ã‚¿ãƒ«ã‚µã‚¤ãƒˆå†…ã®ã€Œã‚ˆãã‚ã‚‹ãŠå•åˆã›ã€ãŒ19æ™‚é ƒã«æ›´æ–°ã•ã‚Œã¦ã„ã¦ã€PDFã®é …ç›®ãŒå¢—ãˆã‚‹ã¨å…±ã«å…ƒã®Excelファイルも公開ã•ã‚Œã¦ã„ã¾ã—ãŸï¼ï¼ç´ 晴らã—ã„ï¼ï¼ï¼ï¼ï¼ 「京都市新型コãƒãƒŠãƒ¯ã‚¯ãƒãƒ³æŽ¥ç¨®ãƒãƒ¼ã‚¿ãƒ«ã‚µã‚¤ãƒˆã€ã®ã‚ˆãã‚ã‚‹ãŠå•åˆã›ã®PDFã®ãƒ•ã‚¡ã‚¤ãƒ«å監視ã™ã‚‹Github Actionsæ¢ã‚ã‚‹ã®å¿˜ã‚Œã¦ãŸã‚‰é€šçŸ¥ãŒæ¥ãŸã®ã§è¦‹ã«è¡Œãã¨ã€PDFãŒæ›´æ–°ã•ã‚Œã¦ã„ã¦æ›´ã«Excelã®å…ƒãƒ•ã‚¡ã‚¤ãƒ«ã‚‚公開ã•ã‚Œã¦ã„ã¦ã€Œæœ€é«˜ã˜ã‚ƒã‚“ï¼ï¼ï¼ï¼ï¼ã€ã£ã¦ãªã£ãŸã€‚å‰ã„ãžäº¬éƒ½å¸‚ï¼ï¼ã‚„ã‚Œã°å‡ºæ¥ã‚‹ã‚„ã‚“ï¼ï¼ pic.twitter.com/evjrpYomc6— マジカルペンãƒãã‚“ðŸ (@pastak) 2021å¹´5月31æ—¥ 追記 2021/05/21 09:15 今æœã€äº¬éƒ½å¸‚新型コãƒãƒŠãƒ¯ã‚¯ãƒãƒ³æŽ¥ç¨®ãƒãƒ¼ã‚¿ãƒ«ã‚µã‚¤ãƒˆå†…ã®ã€Œã‚ˆãã‚ã‚‹ãŠå•åˆã›ã€ã®PDFファイルã®ä¸èº«ãŒå·®ã—替ã‚ã£ã¦
リリースã€éšœå®³æƒ…å ±ãªã©ã®ã‚µãƒ¼ãƒ“スã®ãŠçŸ¥ã‚‰ã›
最新ã®äººæ°—エントリーã®é…ä¿¡
j次ã®ãƒ–ックマーク
kå‰ã®ãƒ–ックマーク
lã‚ã¨ã§èªã‚€
eコメント一覧を開ã
oページを開ã
{{#tags}}- {{label}}
{{/tags}}