Simon Willison’s Weblog

Blogmarks tagged xss, security, css

Filters: Type: blogmark × xss × security × css ×


MySpace: Too Much of a Good Thing? CSS customization really was just the result of forgetting to strip HTML. They “eventually” decided to filter out JavaScript(!) # 17th January 2007, 9:09 am

Mozilla causing XSS in Livejournal. Their recent worm attack was caused by the -moz-binding CSS property. # 22nd January 2006, 9:37 pm

Types

Years

Tags