Tony Finch's link log
2014-09-15: Android browser up to version 4.4 has easy JavaScript same-origin policy bypass.
(long)
(short)
(atom)
(wayback machine)
Tony Finch's link log
Tony Finch's link log