Is it possible to get a flash src after a redirect or an element inside an embed/object/iframe tag (cross-domain)?
The URL example.com/auth will automatically redirect the user (HTTP 302) to example.com/signed_in.SWF?token=SENSITIVE.
Is it possible for an attacker to steal the token, using javascript or flash, in the following example? How?
<!DOCT…