[cryptography] How to safely produce web pages from multiple sources?
kyle.creyts at gmail.com
Wed Aug 29 02:26:27 EDT 2012
This makes me wonder about calculated styles... someone could still likely
deface your page
On Aug 28, 2012 11:11 PM, "James A. Donald" <jamesd at echeque.com> wrote:
> On 2012-08-29 12:10 PM, Natanael wrote:
>> Isn't the standard answer to always verify, verify, verify? Make sure
>> you only accept some types of data from Malloc and verify it *can't* do
>> strange crap. Also, read up on XSS prevention and all that.
> In other words, Bob's server reads malloc's content, rejects everything
> passes the test, incorporates it into its own web page.
> cryptography mailing list
> cryptography at randombit.net
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the cryptography