Updated Nov 15, 2008 by pilgrim
Labels: is-landing
ArticlesXSS  
Articles about web security


Web security


Comment by iandanforth, May 14, 2008

This is amazing, thank you for putting this resource together and making it available.

Comment by juanpruiz, May 15, 2008

Great documentation. I can't wait for this project to be full of information.

Comment by sahus...@hotmail.com, May 16, 2008

Thank you for this.

Comment by where23, May 16, 2008

Thank you for gathering this resource.

Comment by gabineski, May 20, 2008

Great job! Thanks for the documentation!

Comment by wai...@foxmail.com, Aug 20, 2008

I can't understand this.

Comment by barlowtucker, Sep 02, 2008

Cool!

Comment by sudheendrasp, Sep 04, 2008

This is really good work, but can I know why you have given limited info? Please do add references for people like me who may be interested, please.

Comment by alexkon, Oct 13, 2008

Could you please document how to protect against CSRF attacks? More information can be found in the following papers:

  1. Barth, Adam, Collin Jackson and John C. Mitchell. Robust Defenses for Cross-Site Request Forgery. To appear at the 15th ACM Conference on Computer and Communications Security (CCS 2008).
  2. Zeller, William, and Edward W. Felten. Cross-Site Request Forgeries: Exploitation and Prevention. 2008.

Comment by alexkon, Jan 13, 2009

There's an interesting technique that allows an attacker to make his attacks permanent for some users by employing caching behavior. It is described in the Domain Contamination article by Amit Klein (2006). In addition to creating a separate page about cached malicious content, ArticleXSS and ArticleHttpCaching could also be updated to mention the threat.

Feel free to do this if you're interested, because I'm not sure when I'll get the time for it.

