Ronald Chmara
01/08/07, 18:51
On Jul 26, 2007, at 2:28 AM, Fady Anwar wrote:
> A white paper about how to counter attack XSS attacks using AJAX
> programming techniques
> http://barmagy.com/blogs/infinite_loop/archive/2007/07/20/498.aspx
Failed assumptions = Flawed solutions.
Signing <script> tags? Ow. LOL. Ow.
See:
http://ha.ckers.org/xss.html
While you're there, learn how to forge GET/POST requests.
-Bop
> A white paper about how to counter attack XSS attacks using AJAX
> programming techniques
> http://barmagy.com/blogs/infinite_loop/archive/2007/07/20/498.aspx
Failed assumptions = Flawed solutions.
Signing <script> tags? Ow. LOL. Ow.
See:
http://ha.ckers.org/xss.html
While you're there, learn how to forge GET/POST requests.
-Bop