[thelist] Defining Irony, the XSS way
Joel D Canfield
joel at streamliine.com
Fri Jun 15 09:48:19 CDT 2007
> It is a tutorial about Cross Server Scripting attacks and how to
> prevent them. The "fail" alert is injected to the page via XSS, so the
> page itself is not protected against the thing it explains how to
> protect yourself against.
um, right. obviously. so much for *my* powers of observation.
time for another cuppa tea, methinks, or perhaps something a little
stronger
More information about the thelist
mailing list