:: urbansheep (urbansheep) wrote,
:: urbansheep

  • Music:

[ L ] XSS, Trust, and Barney


Why You Can't Trust Anybody

Cross-site scripting (or "CSS," as it was unfortunately christened by some folks who probably don't have much daily contact with cascading style sheets) is a "new" security issue that might just surprise you with how insidious and wide-ranging it is. To avoid confusion, since this stuff is already confusing enough, I've decided to use the acronym XSS to refer to cross-site scripting, figuring that anyone who's ever seen a "PED XING" sign will know what I'm talking about. But what I'd really like to call it (if only I had more clout in the land of acronymphs!) is the "YSTANEBPD vulnerability," which is short for "you shouldn't trust anybody, not even big purple dinosaurs."


„ТНДВНДБЛД“, фонетическое „тэндэвэндэблэд“, „Ты не должен верить никому, даже большим лиловым динозаврам“. Отличный девиз для любого параноика! Надо подарить Горыну, он должен оценить его с неменьшим энтузиазмом, чем я.

Да, и статья про XSS тоже познавательная, очень рекомендуется для тех, кто ещё не в курсе того, как это бывает и что такое XSS hijack.

  • Post a new comment


    Comments allowed for friends only

    Anonymous comments are disabled in this journal

    default userpic

    Your reply will be screened

    Your IP address will be recorded