More threat from Cross Site Scripting

by Ramesh on Thursday,August 3, 2006 @ 9:00 am

I came across this recent news published in SPI Dynamics on a recent discovery by their research team. The CSS (or XSS) attack through JavaScript as mentioned in the article seems to be a major security threat. If the best way is to turn off JavaScript on browsers, my mind races to think about what will happen to all the AJAX gung ho. Won’t we be tossed back to the web world of 90’s or early 00’s? But hopefully the actions mentioned in the article are valid enough to make sure that no loophole is left open for any web application using JavaScript. As mentioned in one of the points consider it as an extremely valid reason to do server side validations. The last point mentions about network Intrusion Detection System (IDS) which helps in detecting unwanted interruption of the system through malicious ways. A detailed explanation of IDS and information on different types of IDS is available in Wikipedia.

Blink this More threat from Cross Site Scripting at blinklist.com    Bookmark More threat from Cross Site Scripting at blogmarks    Bookmark More threat from Cross Site Scripting at del.icio.us    Digg More threat from Cross Site Scripting at Digg.com    Fark More threat from Cross Site Scripting at Fark.com    Bookmark More threat from Cross Site Scripting at Furl.net    Bookmark More threat from Cross Site Scripting at NewsVine    Bookmark More threat from Cross Site Scripting at reddit.com    Bookmark More threat from Cross Site Scripting at Simpy.com    Bookmark More threat from Cross Site Scripting at Spurl.net    Bookmark More threat from Cross Site Scripting with wists    Bookmark More threat from Cross Site Scripting at YahooMyWeb

      Cosmos

Leave a Comment

authimage


Creative Commons License  This work is licensed under a Creative Commons Attribution-ShareAlike 2.5 License.