Simon Willison’s Weblog

Subscribe

Items tagged security, quora in 2011

Filters: Year: 2011 × security × quora × Sorted by date


Why would someone browse the web with JavaScript disabled?

Security conscious users (who understand the implications of XSS and CSRF attacks) sometimes disable JavaScript completely, or use a tool like the NoScript extension to disable it for all sites and only re-enable it on a small whitelist of sites that they trust.

[... 67 words]

2:30 pm / 23rd January 2011 / browsers, javascript, security, quora

What are the JSON security concerns in web development?

Be very careful when implementing JSON-P for authenticated actions—evil third party sites could assemble URLs to your user’s private data and steal it. This attack has worked against Gmail in the past.

[... 203 words]

5:39 pm / 6th January 2011 / javascript, json, security, quora

Types

Years

Months

Tags