On Monday, April 18, 2011 at 1:06 PM, tedd wrote:
Hi gang:
> Quite some time ago I had a demo that showed Javascript injection. It 
> was where a user could type in:
> <script> alert("Evil Code");</script>
> and a JavaScript alert would be shown.
> But now my demo no longer works. So, what happened? Was there a php 
> update that prohibited that sort of behavior or did hosts start 
> setting something to OFF, or what?
> If you know, please explain.
> Thanks,
> tedd
> -- 
> -------
> http://sperling.com/
Not that I know of. Are you talking about on-page injection, like comments and 
such? Normally JS injection would be that (bad scripts inserted by the user on 
a comment form or review page) or where you are using eval() and they dump bad 
code into there.


Joshua Kehn | josh.k...@gmail.com

Reply via email to