25 November 2011

XSS Deep Dive

While on the topic of research papers, I came across another interesting paper on the UC Berkeley web site while checking the reference for the effect of development tools on security.

Joel Weinberger, Prateek Saxena, Devdatta Akhawe, Matthew Finifter, Richard Shin and Dawn Song have undertaken an assessment of cross-site scripting (XSS) sanitisation in web application frameworks. The paper, "A Systematic Analysis of XSS Sanitization in Web Application Frameworks", is somewhat heavy on the maths in places, but that shouldn't put off those involved in development who want to learn more about the difficulties of sanitisation and the limitations of the sanitisation methods that are supported in some frameworks.

Posted on: 25 November 2011 at 18:36 hrs


Page http://www.clerkendweller.com/2011/11/25/XSS-Deep-Dive