Simon Willison’s Weblog

Don't serve JSON as text/html. Another sneaky XSS trick.

Posted 5th July 2006 at 11:46 pm

Tagged http, xss, json, security

Search
©
2002
2003
2004
2005
2006
2007
2008
2009
2010
2011
2012
2013
2014
2015
2016
2017
2018