[cap-talk] Origin enables XSS to escalate to XSRF (was: security issue with XMLHttpRequest API compatibility)
Mark S. Miller
erights at google.com
Sun Jun 7 18:53:36 EDT 2009
I started this thread with a large recipient list so that others I expect to
be interested would be aware of it. All further messages on this thread
should occur only on <public-webapps at w3.org>. I will direct all my further
replies only there.
Sorry for any unnecessary or inappropriate noise.
--
Cheers,
--MarkM
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://www.eros-os.org/pipermail/cap-talk/attachments/20090607/2acb0721/attachment-0001.html
More information about the cap-talk
mailing list