File:OWASPLondon20161124 JSON Hijacking Gareth Heyes.pdf

This talk will show how it's still possible to steal JSON data cross domain using various browser bugs