Simon Willison’s Weblog

5th April 2007 - Link Blog

Fortify JavaScript Hijacking FUD. Bob Ippolito points out the flaws in the recent widely disseminated JavaScript Hijacking paper. While the paper does miss some important details, it’s good that more people are now aware of the security implications involved in serving JSON up wrapped in an array.

Posted 5th April 2007 at 10:51 pm

Recent articles

Profiling Hacker News users based on their comments - 21st March 2026
Thoughts on OpenAI acquiring Astral and uv/ruff/ty - 19th March 2026
GPT-5.4 mini and GPT-5.4 nano, which can describe 76,000 photos for $52 - 17th March 2026

This is a link post by Simon Willison, posted on 5th April 2007.

bob-ippolito 5 javascript 745 json 144 security 579

Monthly briefing

Sponsor me for $10/month and get a curated email digest of the month's most important LLM developments.

Pay me to send you less!

Sponsor & subscribe