TechMasala - Technology Spice Rack » 2006 » July » 21

Deprecated: Assigning the return value of new by reference is deprecated in /home/techmasa/public_html/wp-content/plugins/sem-cosmos-link/sem-cosmos-link.php on line 90

Deprecated: Assigning the return value of new by reference is deprecated in /home/techmasa/public_html/wp-content/plugins/sem-recent-posts.php on line 942

Warning: session_start() [function.session-start]: Cannot send session cookie - headers already sent by (output started at /home/techmasa/public_html/wp-content/plugins/sem-cosmos-link/sem-cosmos-link.php:90) in /home/techmasa/public_html/wp-content/plugins/wordpress-automatic-upgrade/wordpress-automatic-upgrade.php on line 121

Warning: session_start() [function.session-start]: Cannot send session cache limiter - headers already sent (output started at /home/techmasa/public_html/wp-content/plugins/sem-cosmos-link/sem-cosmos-link.php:90) in /home/techmasa/public_html/wp-content/plugins/wordpress-automatic-upgrade/wordpress-automatic-upgrade.php on line 121
TechMasala - Technology Spice Rack » 2006 » July » 21

Archive for July 21, 2006

Cross Site Scripting

by Ramesh on Friday,July 21, 2006 @ 9:00 am

In some of my earlier posts we have seen that JavaScript vulnerabilities could cause havoc, particularly if JavaScript in one application opened in a browser window is able to access the data of an application opened up in another browser window. That was one type of vulnerability and there were more that were formed as a security policy by Netscape when it introduced JavaScript on its browser. These policies to avoid such vulnerabilities were coined with the name Cross Site Scripting (CSS, usually confused with Cascading Style Sheets). The types of CSS and explanation of each of them is available on the wikipedia. Fortunately a lot of these policies are implemented in the browsers so we do not need to do anything from the application side. A little old but a worth reading whitepaper “Cross Site Scripting Explained” has explained CSS in a neat way and how to check if your site is protected from it.

Deprecated: Function ereg_replace() is deprecated in /home/techmasa/public_html/wp-content/plugins/sociable/sociable.php on line 64

Permalink Comments Cosmos

SEARCH
RAMESH RAJAMANI
MY BOOK
Java Servlet Programming Bible

CATEGORIES
- Architecture (19)
- Development (157)
- Foundations (68)
- Java/J2EE (47)
- Mind Maps (10)
- Object Thinking (7)
- Operating System (7)
- Others (94)
- RToons (9)
- Ruby on Rails (29)
- This is interesting (51)
- Troubleshooting (14)
- Useful Resources (41)
THIS MONTH
MONTH ARCHIVE
TRANSLATE
RECENT POSTS
SUBSCRIBE VIA EMAIL

Enter your Email

Powered by FeedBlitz
TECHNORATI
META
- Login
RSS NEWSFEEDS
VISITORS
TOP LINKS
Google AdSense

Creative Commons License

This work is licensed under a Creative Commons Attribution-ShareAlike 2.5 License.