A Billion More Laughs: The JavaScript hack that acts like an XML attack

Don is off in Lowell working on a project with our ARX folks so I was working late last night (finishing my daily read of the Internet) and ended up reading Scott Hanselman's discussion of threads ve...

Published Sep 11, 2008

Version 1.0

Employee

Joined October 17, 2006

View Profile

Joe_Pruitt

Sep 11, 2008

Another option is to control what you know. Javascript is fine as long as you are the one including it. Disable Javascript for all non-known entities (ie, comments, trackbacks, etc). This could help a bit...

-Joe

Help guide the future of your DevCentral Community!

What tools do you use to collaborate? (1min - anonymous)

A Billion More Laughs: The JavaScript hack that acts like an XML attack

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS