Parent message listener fingerprinting
Send multiple postMessage payloads to the parent and observe responses or side effects.
Behavior by sandbox policy
| Policy | Expected result |
|---|---|
| No sandbox | works |
| sandbox="allow-scripts" | works |
| sandbox="" (strictest) | blocked |
Embed snippet
This snippet uses the dedicated embed page. Paste it into your own service and check rendering or blocking behavior.
<iframe src="https://xss-playground.com/embed/parent-message-listener-probe?lang=en" title="XSS Playground - Parent message listener fingerprinting" width="600" height="420" loading="lazy" referrerpolicy="strict-origin-when-cross-origin"></iframe>
Explanation
- You cannot directly read the parent's message listeners, but you can send varied payloads and watch for replies, visual changes, or routing side effects.
- If a listener performs routing, auth, resize, or close actions without origin checks, the iframe can influence parent behavior.
- Mitigate with an origin allowlist, message schema validation, ignoring unexpected messages, and user confirmation for sensitive actions.
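The mitigations in the last bullet, as an added example that is not part of the XSS Playground page: a parent-window message handler that applies an origin allowlist, validates each message against a strict per-type schema, ignores anything unexpected without replying, and requires a confirmation callback before a sensitive action. The origin, the message types (`resize`, `close`) and the function names are assumptions made for this example.

```javascript
// Added example (not the playground's own code). A parent-page postMessage
// handler that returns a decision object instead of acting directly, so the
// policy can be unit-tested without a DOM.

// Constructed allowlist: only embeds served from this origin are trusted.
const ALLOWED_ORIGINS = new Set([
  "https://widgets.example-embed.test",
]);

// Each accepted message type declares the exact fields it may carry, an
// upper bound for numeric fields, and whether it needs user confirmation.
const SCHEMAS = {
  resize: { fields: { height: "number" }, max: { height: 2000 }, sensitive: false },
  close:  { fields: {}, sensitive: true },
};

// True only if `data` carries exactly the declared fields with the declared
// types and within the declared bounds; extra or missing fields fail.
function validateShape(data, schema) {
  if (data === null || typeof data !== "object") return false;
  const keys = Object.keys(data).filter((k) => k !== "type");
  const expected = Object.keys(schema.fields);
  if (keys.length !== expected.length) return false;
  for (const k of expected) {
    if (typeof data[k] !== schema.fields[k]) return false;
    if (schema.max && typeof data[k] === "number" &&
        (data[k] < 0 || data[k] > schema.max[k])) return false;
  }
  return true;
}

// `event` is a MessageEvent-like object with `origin` and `data`.
// `confirmFn(type)` is consulted before any sensitive action.
// Every rejection returns action "ignore" and produces no reply, so a probing
// frame cannot tell "no listener" apart from "message rejected".
function handleChildMessage(event, confirmFn = () => false) {
  if (!ALLOWED_ORIGINS.has(event.origin)) {
    return { action: "ignore", reason: "origin-not-allowed" };
  }
  const data = event.data;
  const schema = data && SCHEMAS[data.type];
  if (!schema) {
    return { action: "ignore", reason: "unknown-type" };
  }
  if (!validateShape(data, schema)) {
    return { action: "ignore", reason: "schema-mismatch" };
  }
  if (schema.sensitive && !confirmFn(data.type)) {
    return { action: "ignore", reason: "not-confirmed" };
  }
  const params = {};
  for (const k of Object.keys(schema.fields)) params[k] = data[k];
  return { action: data.type, params };
}

// Browser wiring for the parent page; guarded so the file also loads in Node.
if (typeof window !== "undefined") {
  window.addEventListener("message", (event) => {
    const decision = handleChildMessage(event, (t) => window.confirm(`Allow "${t}"?`));
    const frame = document.getElementById("child-frame");
    if (decision.action === "resize") {
      frame.style.height = `${decision.params.height}px`;
    } else if (decision.action === "close") {
      frame.remove();
    }
    // Ignored messages: no side effect, no reply.
  });
}
```

The handler deliberately does not answer rejected messages; replying with an error would itself be an observable response that reveals which message shapes the listener recognises.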