How does Tumblr implement their global navigation?
Every blog on Tumblr has these two buttons at the top right corner of the page:
This global navigation is inside an iframe which points to tumblr.com.
How does Tumblr implement this feature securely? Tumblr themes can contain untrusted scripts and tumblogs can run on a custom domain (i.e not just *.tumblr.com).
I assume Tumblr takes measures to ensure that the navigation iframe's session cookie is not exposed to the blog in which it is embedded. What are those measures?
Additionally, does Tumblr whitelist the domains where the navigation iframe can be embedded?
the iframe solution seems to be the only possible way to go, otherwise it wouldn't be possible to carry the Tumblr session cookie, in the case of custom domain blogs.
also, there's not much to think about in terms of security. the browser doesn't allow any scripts to access the iframe's contents, since the domains are different.
- Keep numbers which appear in both columns, in J lang
- Differentiation in J
- How to reshape an array with an arbitrary size in one dimension?
- Why is Insert (fold) right associative
- Write 4 : 'x&{.&.;: y' tacitly
- Alignment issue when printing formatted prime numbers in J language
- How can I define a verb in J that applies a different verb alternately to each atom in a list?
- How to get user input in the J programming language
- How to unbox a list of boxed lists of differing lengths in J?
- How can I fix 'noun result was required' error in J?
- In j, how can I define a verb locally in one scope and pass it to a defined adverb?
- Convert boxed array to normal array?
- Read column of CSV file as array
- Replace atom in array of strings
- What does the dyad `=` do to boxed strings?
- Index of minimum element using J
- How can I take the outer product of string vectors in J?
- Building an array of verbs in J
- Reading in multidigit command line parameter
- Amend with bond to new data shows unexpected behaviour
- How to turn a table or matrix into a (flat) list in J
- How to run dissect in J?
- How to define selection using index function in J
- How to exit the J console?
- Find 4-neighbors using J
- Writing custom verbs in J
- How do I negate a selector in J lang?
- How to use arbitrary selector in interchange in J lang?
- different result once square root is added inside tacit
- Sum of arrays with repeated indices