Simon Willison’s Weblog

26th October 2008 - Link Blog

Web Security Horror Stories: The Director's Cut. Slides from the talk on web application security I gave this morning at <head>, the worldwide online conference. I just about managed to resist the temptation to present in my boxers. Topics include XSS, CSRF, Login CSRF and Clickjacking.

Posted 26th October 2008 at 12:15 pm

Recent articles

The Axios supply chain attack used individually targeted social engineering - 3rd April 2026
Highlights from my conversation about agentic engineering on Lenny's Podcast - 2nd April 2026
Mr. Chatterbox is a (weak) Victorian-era ethically trained model you can run on your own computer - 30th March 2026

This is a link post by Simon Willison, posted on 26th October 2008.

clickjacking 11 csrf 53 logincsrf 3 security 594 xss 60

Monthly briefing

Sponsor me for $10/month and get a curated email digest of the month's most important LLM developments.

Pay me to send you less!

Sponsor & subscribe