There's an interesting technique that allows an attacker to make his attacks permanent for some users by employing caching behavior. It is described in the Domain Contamination article by Amit Klein (2006). In addition to creating a separate page about cached malicious content, ArticleXSS and ArticleHttpCaching could also be updated to mention the threat.
Feel free to do this if you're interested because I'm not sure when I get the time for it.
Sign in to add a comment
This is amazing, thank you for putting this resource together and making it available.
Great documentation. I cant wait for this project to be full of information
thank you for this
thank you for gather this resource
Great job! Tks for the documentation!
我看不懂
Cool!
This is really good work, but can i know why have you given limited info? plz do add references for people like me who may be interested plzz
Could you please document how to protect against CSRF attacks? More information can be found in the following papers:
There's an interesting technique that allows an attacker to make his attacks permanent for some users by employing caching behavior. It is described in the Domain Contamination article by Amit Klein (2006). In addition to creating a separate page about cached malicious content, ArticleXSS and ArticleHttpCaching could also be updated to mention the threat.
Feel free to do this if you're interested because I'm not sure when I get the time for it.
Anyone wanting to build "frames" without frames, should read this: http://www.fu2k.org/alex/css/frames/
Tricky.
Thanks for the excellent resource.
Idea for article - Single Sign On best practices.
Not so nice in a website "Documenting the open web": the language links don't show the correct characters (ñ from Español, for example).
It is a great initiative really...Abhishek Shankar