Welcome to MSDN Blogs Sign in | Join | Help

Browse by Tags

All Tags » Internet Explor... » Cross-Site Scripting   (RSS)
Thursday, July 03, 2008 11:55 PM

IE8 XSS Filter design philosophy in-depth

It's great to see some positive reaction to the potential of our XSS Filter. Now we just need to deliver! In this blog post I’ll try to shed some light on our design philosophy. To understand how we have arrived at our current filtering approach, it is
Posted by dross | 1 Comments
Wednesday, July 02, 2008 9:29 AM

IE8 goes on the offensive against XSS!

IE has announced the new XSS Filter feature which will debut in IE8 Beta 2! Stay tuned to my blog in the coming weeks for more details on how the filter works, its history, its limitations, and some lessons learned during the development process.
Posted by dross | 1 Comments
Monday, March 10, 2008 1:06 PM

XSS-Focused Attack Surface Reduction

All web browsers expose what have been referred to as XSS “attack vectors” – various techniques that XSS attacks can leverage to achieve script execution. The best and most well regarded list of these behaviors is RSnake’s XSS Cheat Sheet . The existence
Posted by dross | 3 Comments
 
Page view tracker