Simon Willison’s Weblog

Items tagged xss, security, json

Filters: xss × security × json ×


Security; AJAX; JSON; Satisfaction. The JSON attack I linked to earlier only works against raw arrays, which technically aren’t valid JSON anyway. # 6th March 2007, 8:06 am

Don’t serve JSON as text/html. Another sneaky XSS trick. # 5th July 2006, 11:46 pm

Types

Years

Tags