Commit a79c90b0 authored by Aral Balkan's avatar Aral Balkan

Deleted older test content.

parent bf17df8c
# EasyXDM.js
## What is it?
According to its [Github repository](https://github.com/oyvindkinsey/easyXDM): “a Javascript library that enables you as a developer to easily work around the limitation set in place by the Same Origin Policy, in turn making it easy to communicate and expose javascript API's across domain boundaries.”
On the site that it was found (CultOfMac.com), it was being loaded by and used to communicate with a third-party site (Contextly). It’s been blocked there. Keeping this entry to track. If we see it used via first-party loading, we can block it here.
## Found on
* [Contextly](../contextly/contextly-dot-com.html)
## How it violates the [Ethical Design Manifesto](https://ind.ie/ethical-design)
* **Respect for human rights:** can be used to share your information with third parties.
## Block rule
None yet. See the note above.
## Further reading
* [Exploiting EasyXDM part 1: Not the usual Flash XSS](http://blog.kotowicz.net/2013/09/exploiting-easyxdm-part-1-not-usual.html)
* [Exploiting EasyXDM part 2: & considered harmful](http://blog.kotowicz.net/2013/10/exploiting-easyxdm-part-2-considered.html)
# Comprehensive spec
All rules.
## Rules
### All rules
These are all the rules from webkit.org’s [Introduction to WebKit Content Blockers](https://www.webkit.org/blog/3476/content-blockers-first-look/).
```mson
- trigger:
- url-filter: ^https?://www\\.facebook\\.com/tr/\\?
- url-filter-is-case-sensitive: true
- load-type: first-party, third-party
- resource-type: image, svg-document, script
- if-domain: facebook.com, www.facebook.com
- action:
- type: block
```
## Tags
facebook, facebook.com, FB
\ No newline at end of file
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment