Illustration by Mark Todd. In May, Web security consultant George Deglin discovered a cross-site scripting (XSS) exploit that involved Facebook’s controversial Instant Personalization feature. The ...
We like to do a lot with a little. That’s the attraction of scripting: it manages big, complicated computing systems — CORBA, for example — with simple, low-cost means. We affectionately call CORBA ...
You can turn off checking for HTML on a property-by-property basis by decorating properties in your Model object (SampleInput, in my example) with the AllowHtml attribute. This turns off validation ...
Cross-site scripting (XSS) remains one of the most common security threats to web applications. Despite advanced protection mechanisms, attackers continue to find new ways to exploit XSS ...