Challenges and Solutions with postMessage Listeners in Payment Providers

Discussing the challenges faced in locating postMessage listeners during payment provider migrations, the chapter explores the development of a Chrome extension to address these issues and proposes improvements to display all listeners in iframes. Various aspects of listening for postMessage events, including live hacking event examples and techniques to bypass wrappers, are covered, underlining the importance of understanding browser mechanics and client-side race conditions.

Transcript

Play full episode

The AI-powered Podcast Player

Save insights by tapping your headphones, chat with episodes, discover the best highlights - and more!

Get the app

Episode 75: *Rerun* of The OG Bug Bounty King - Frans Rosen

Critical Thinking - Bug Bounty Podcast

Challenges and Solutions with postMessage Listeners in Payment Providers

The AI-powered Podcast Player

Episode 75: Rerun of The OG Bug Bounty King - Frans Rosen