Vigilant, but not paranoid.  XSS exists for a reason.  A better solution
IMHO would be to require the remote content to be signed by a particular
source or something along those lines.  Just my 2 cents.

On Fri, May 15, 2009 at 1:30 PM, Stephen <[email protected]> wrote:

> given Lisa's previous rants I'm thinking both, and she would be right.
>
> it is in everyone's best interest to be vigilant.
>
> On Fri, May 15, 2009 at 12:56 PM, Alex Dean <[email protected]> wrote:
> >
> > On May 15, 2009, at 12:34 PM, Lisa Kachold wrote:
> >
> >> it's IMPORTANT to realize that WE ALL MUST BE SECURITY EXPERTS
> >
> > Who is 'we'?  Programmers/admins/hackers, or the general public?
> >
> > ---------------------------------------------------
>
>


-- 
James McPhee
[email protected]
---------------------------------------------------
PLUG-discuss mailing list - [email protected]
To subscribe, unsubscribe, or to change your mail settings:
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
