Dan Crevier's Blog

In search of a better name...

January, 2007

Posts
  • Dan Crevier's Blog

    Web security is hard

    • 0 Comments
    I've been reading Jeremiah Grossman's great accounts of some JSON related cross site request forgery (CSRF) holes here and here . The basic pattern is that an AJAX website uses XmlHttpRequest to request some personal data that's returned with JSON from...
Page 1 of 1 (1 items)