Luke, On Fri, Sep 28, 2012 at 5:48 AM, luke <[email protected]> wrote: > Hi guys: > I am still testing the new plugin inspectOriginHeaderScrutiny for HTML5, > for now I tested some website: > www.qq.com > www.renren.com > http://sourceforge.net > facebook.com > > these website all have CORS settings , you can see the configuration by type > domain/crossdomain.xml
CORS and crossdomain.xml are not very related. CORS is an HTML5 feature and crossdomain.xml is something related with Adobe Flash. > but I i use w3af scan these site , there is no result , apparently some of > these site did not configure well ! > > -- > FIT1-213 > Department of Computer Science > Tsinghua University, Beijing, 100084 > http://about.me/anakin/bio > > ------------------------------------------------------------------------------ > Got visibility? > Most devs has no idea what their production app looks like. > Find out how fast your code is with AppDynamics Lite. > http://ad.doubleclick.net/clk;262219671;13503038;y? > http://info.appdynamics.com/FreeJavaPerformanceDownload.html > _______________________________________________ > W3af-users mailing list > [email protected] > https://lists.sourceforge.net/lists/listinfo/w3af-users > -- Andrés Riancho Project Leader at w3af - http://w3af.org/ Web Application Attack and Audit Framework Twitter: @w3af GPG: 0x93C344F3 ------------------------------------------------------------------------------ Don't let slow site performance ruin your business. Deploy New Relic APM Deploy New Relic app performance management and know exactly what is happening inside your Ruby, Python, PHP, Java, and .NET app Try New Relic at no cost today and get our sweet Data Nerd shirt too! http://p.sf.net/sfu/newrelic-dev2dev _______________________________________________ W3af-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/w3af-users
