A Billion More Laughs: The JavaScript hack that acts like an XML attack

Don is off in Lowell working on a project with our ARX folks so I was working late last night (finishing my daily read of the Internet) and ended up reading Scott Hanselman's discussion of threads ve...
Published Sep 11, 2008
Version 1.0
ajax
application
applications
arx
ASM Advanced WAF
chrome
dev
exploits
http
ie8
Lori_MacVittie's avatar
Lori_MacVittie
Icon for Employee rankEmployee
Sep 11, 2008
@k3n

 

 

The script does not crash NoScript. In fact, NoScript is one of the *best* ways to deal with poorly behaving/bad scripts, which is why it's included.

 

 

NoScript isn't a panacea, but it does help make more manageable the process of disallowing/allowing scripts to run.

 

 

Lori