-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Shawn wrote: > Gustin Johnson wrote: >> <rant> >> I wish this was a cliche. Sadly we still have not yet implemented the >> security solutions from the previous decade before forging ahead. Web >> 2.0 developers I am looking at you! All you developers out there, how >> 'bout learning the lessons from the '90s before spewing forth more crap. >> </rant> > > Just to clarify - you were ranting in general? Not at my specific > suggestions? lol > Yes, it was just a rant in general. I was a little sensitive as I had just disabled NoScript moments earlier.
> As a Web Developer, I resemble your comments !!!! But then again, my > apps typically *require* JavaScript and run in a controlled environment > where I *know* it is available. I have no problem with that. The problem was that some "Web 2.0" (I hate that term almost as much as AJAX) devlopers do some cross site mashups that resemble cross site scripting/request forgery attacks. Even allowing all javascript in NoScript did not fix the problem, the cross site scripting protection and cross site request forgery protection in NoScript was what was breaking these pages. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAknekj8ACgkQwRXgH3rKGfPLBACeMXgw0rWmqJljNBSJGW7YGpX1 3BsAniL0eFIrt71t/AHJ6XdD+LUCU8Jg =403r -----END PGP SIGNATURE----- _______________________________________________ clug-talk mailing list [email protected] http://clug.ca/mailman/listinfo/clug-talk_clug.ca Mailing List Guidelines (http://clug.ca/ml_guidelines.php) **Please remove these lines when replying
