[whatwg] Security attacks on local storage

2009-02-20 Thread David Gerard
http://research.zscaler.com/2009/02/practical-example-of-cssqli-using.html http://it.slashdot.org/article.pl?sid=09/02/19/2055210 - d.

Re: [whatwg] Security attacks on local storage

2009-02-20 Thread Anne van Kesteren
On Fri, 20 Feb 2009 12:36:32 +0100, David Gerard dger...@gmail.com wrote: http://research.zscaler.com/2009/02/practical-example-of-cssqli-using.html http://it.slashdot.org/article.pl?sid=09/02/19/2055210 The subject line is rather misleading. It should be pretty clear that if a website is

Re: [whatwg] Captions, Subtitles and the Video Element

2009-02-20 Thread Lachlan Hunt
Greg Millam wrote: * All timed text tracks encoded in the video file are added to the list, as an implicit caption element. I'm not entirely sure what you mean, but I don't think implying a new element in the HTML based on text tracks within the media file is a good idea, and nor is it

[whatwg] Clickjacking and CSRF

2009-02-20 Thread Sigbjørn Vik
In reply to Ian Hickson's call for comments from vendors[1], I wasn't subscribed at the time, so sorry for messing up thread status. We agree that we need a solution quickly, and we are working on it. As IE has already implemented its own header, the most pragmatic route would be to extend

Re: [whatwg] Clickjacking and CSRF

2009-02-20 Thread Giorgio Maone
Sigbjørn Vik wrote, On 20/02/2009 15.46: There is currently little protection against clickjacking, the x-frame-options is the first attempt. Nope, it's the second and weakest: http://hackademix.net/2008/10/08/hello-clearclick-goodbye-clickjacking/ http://noscript.net/faq#clearclick -- Giorgio

Re: [whatwg] Clickjacking and CSRF

2009-02-20 Thread Sigbjørn Vik
On Fri, 20 Feb 2009 16:00:09 +0100, Giorgio Maone g.ma...@informaction.com wrote: Sigbjørn Vik wrote, On 20/02/2009 15.46: There is currently little protection against clickjacking, the x-frame-options is the first attempt. Nope, it's the second and weakest:

Re: [whatwg] Clickjacking and CSRF

2009-02-20 Thread Bil Corry
Sigbjørn Vik wrote on 2/20/2009 8:46 AM: One proposed way of doing this would be a single header, of the form: x-cross-domain-options: deny=frame,post,auth; AllowSameOrigin; allow=*.opera.com,example.net; This incorporates the idea from the IE team, and extends on it. Have you taken a look
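As an added illustration of the two header shapes the thread is comparing (not code from the thread or from any vendor), the block below evaluates IE8's `X-Frame-Options` with its `DENY` and `SAMEORIGIN` values, and parses and applies the extended `x-cross-domain-options` syntax quoted above. The proposal gives no grammar or precise semantics, so the reading implemented here is an assumption: `deny=` lists the cross-domain interactions to block, `AllowSameOrigin` exempts same-origin requesters, and `allow=` lists hosts (with a leading `*.` wildcard) that are exempted too. The origins used in comments are made up.

```javascript
// Added example: evaluator for X-Frame-Options (DENY / SAMEORIGIN, as in IE8)
// and for the proposed "x-cross-domain-options" header, e.g.
//   x-cross-domain-options: deny=frame,post,auth; AllowSameOrigin; allow=*.opera.com,example.net
// Semantics of the proposed header are an assumed reading (see lead-in).

function hostOf(origin) {
  // origin is "scheme://host[:port]"; hosts are compared case-insensitively.
  return new URL(origin).hostname.toLowerCase();
}

function hostMatches(pattern, host) {
  pattern = pattern.toLowerCase();
  if (pattern.startsWith('*.')) {
    // "*.opera.com" matches any subdomain of opera.com but not "opera.com" itself.
    const suffix = pattern.slice(1);
    return host.endsWith(suffix) && host.length > suffix.length;
  }
  return pattern === host;
}

// X-Frame-Options as shipped in IE8: only DENY and SAMEORIGIN.
// Returns true when framing is permitted. An absent or unrecognised value
// imposes no restriction, which is also what a browser ignoring the header does.
function xfoAllowsFraming(headerValue, pageOrigin, topOrigin) {
  const v = (headerValue || '').trim().toUpperCase();
  if (v === 'DENY') return false;
  if (v === 'SAMEORIGIN') return pageOrigin === topOrigin;
  return true;
}

// Parse "key=value; flag; key=value" into a policy object. Directive names are
// case-insensitive; unknown directives are ignored.
function parseCrossDomainOptions(headerValue) {
  const policy = { deny: new Set(), allowSameOrigin: false, allow: [] };
  for (const raw of (headerValue || '').split(';')) {
    const part = raw.trim();
    if (!part) continue;
    const [key, value = ''] = part.split('=', 2).map(s => s.trim());
    switch (key.toLowerCase()) {
      case 'deny':
        value.split(',').map(s => s.trim().toLowerCase()).filter(Boolean)
             .forEach(action => policy.deny.add(action));
        break;
      case 'allowsameorigin':
        policy.allowSameOrigin = true;
        break;
      case 'allow':
        policy.allow.push(...value.split(',').map(s => s.trim()).filter(Boolean));
        break;
      default:
        break; // unknown directive: ignored
    }
  }
  return policy;
}

// action is one of 'frame', 'post', 'auth' (the three the proposal names).
// Returns true when requesterOrigin may perform that cross-domain action
// against a page served with this header value.
function crossDomainActionAllowed(headerValue, action, pageOrigin, requesterOrigin) {
  const policy = parseCrossDomainOptions(headerValue);
  if (!policy.deny.has(action.toLowerCase())) return true;        // not restricted at all
  if (policy.allowSameOrigin && pageOrigin === requesterOrigin) return true;
  const host = hostOf(requesterOrigin);
  return policy.allow.some(pattern => hostMatches(pattern, host)); // explicit allowlist
}

// Stand-alone demonstration with made-up origins.
const proposed = 'deny=frame,post,auth; AllowSameOrigin; allow=*.opera.com,example.net';
console.log(xfoAllowsFraming('SAMEORIGIN', 'https://bank.example', 'https://evil.example'));          // false
console.log(crossDomainActionAllowed(proposed, 'frame', 'https://my.opera.com', 'https://evil.example')); // false
console.log(crossDomainActionAllowed(proposed, 'post', 'https://my.opera.com', 'https://www.opera.com')); // true
```

Two points the code makes concrete: an unrecognised or missing value fails open in both schemes, so a typo in the header silently removes the protection, and a wildcard entry such as `*.opera.com` has to be matched on the host component (with the dot), not by substring search, or `evilopera.com` and `opera.com.evil.example` slip through.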

Re: [whatwg] How to remember VIDEO tag mute setting.

2009-02-20 Thread Nils Dagsson Moskopp
On Wednesday, 18.02.2009, at 03:05 -0400, Biju g...@il wrote: I don't want to mute volume of computer because I want to hear sounds from other running apps. So I only mute the volume on the VIDEO tag control while testing Firefox nightly. But the irritating thing is I have to do it for

Re: [whatwg] Security attacks on local storage

2009-02-20 Thread Ian Hickson
On Fri, 20 Feb 2009, David Gerard wrote: http://research.zscaler.com/2009/02/practical-example-of-cssqli-using.html http://it.slashdot.org/article.pl?sid=09/02/19/2055210 As Anne noted, this appears to be a bogus claim. I do not intend to change the spec here. If anyone sees an actual

Re: [whatwg] Captions, Subtitles and the Video Element

2009-02-20 Thread Jeff Walden
On 20.2.09 05:54, Lachlan Hunt wrote: Greg Millam wrote: * All timed text tracks encoded in the video file are added to the list, as an implicit caption element. I'm not entirely sure what you mean, but I don't think implying a new element in the HTML based on text tracks within the media