Simon Willison’s Weblog


Saturday, 17th May 2008

A McAfee spokeswoman said the company rates XSS vulnerabilities less severe than SQL injections and other types of security bugs. "Currently, the presence of an XSS vulnerability does not cause a web site to fail HackerSafe certification," she said. "When McAfee identifies XSS, it notifies its customers and educates them about XSS vulnerabilities."

Dan Goodin

# 11:31 pm / idiotic, mcafee, security

Dopplr place googlemaps, with and without Yahoo Geo API bounding box adjustment. Dopplr uses Geonames for most geo information, but is now mixing in bounding box data from the Yahoo! Geo web service to improve the default zoom level for their maps. The JSON callback API means no server-side code is required on Dopplr’s end.

# 11:35 pm / dopplr, geonames, javascript, json, jsonp, mapping, matt-biddulph, whereonearth, yahoogeo

2008 » May