August 2007 - The HP Security Laboratory Blog -

Sign in | Join | Help

August 2007 - The HP Security Laboratory Blog

The HP Security Laboratory Blog

Home
Contact

Syndication

Recent Posts

Tags

Archives

Sort by: Most Recent | Most Viewed | Most Commented

Ajax Security Acceptance

Its time again for AjaxWorld , the largest Ajax conference in the US. Bryan and I are thrilled. AjaxWorld offered us back -to- back sessions so we can do a 90+ minute workshop on how to break into Ajax applications. We will not only hit the major themes...

Published 08-30-2007 12:45 PM by Billy

Filed under: Ajax, conferences, JavaScript, Ajax Security Book, AJAXWorld
The real reason for (JavaScript|JSON) Hijacking

When JSON hijacking was first discussed and demonstrated in 2006 and 2007 by Whitehat, Fortify and others, all of the proof of concepts used Mozilla specific JavaScript extensions like setter or __defineSetter__ . This led many people to believe that...

Published 08-27-2007 1:59 PM by Billy

Filed under: Ajax, security, book, JSON

Privacy Statement

Powered by Community Server (Non-Commercial Edition), by Telligent Systems

Information disclosed in this community becomes public. Exercise caution when deciding to disclose your personal information. HP reserves the right, but is not obligated to, edit or remove your comment if it contains personally identifiable information or other content HP deems unacceptable. Opinions expressed are your personal opinions or those of the original authors, and not of HP. Please see HP's web Terms of Use for more details.

Privacy statement | Using this site means you accept its terms