koto

@kkotowicz

security ninja wannabe

Joined: August 2007

Media

  1. 25 Nov 2019
    Replying to users
  2. 1 Nov 2019

    Remember expression() in CSS? Its younger brother - Paint Worklets - is back!

  3. 10 Oct 2019
    Replying to user
  4. 5 Jul 2019
    Replying to user
  5. 7 Jun 2019

    just won a code minimization challenge at ! Smart algo optimization + Closure Compiler + ES6 were the tricks.

  6. 6 Jun 2019

    Ain't it cute? But also, correct?

  7. 31 May 2019

    You're done with Game of Thrones finale? Nothing to watch on the weekend? Try 40 minutes of pure Trusted Types presentation by yours truly, straight from . Because come on, it can't possibly be worse ;)

  8. 30 May 2019

    . speaking about building and hacking modern iOS apps at

  9. 19 Apr 2019
  10. 19 Apr 2019

    nails it at . These are your httponly cookies when used as an XSS mitigation.

  11. 17 Apr 2019
    Replying to users
  12. 4 Apr 2019
    Replying to users and the following number of users:

    Got ya, agreed. Do what said, folks!

  13. 27 Jan 2019
    Replying to user
  14. 25 Jan 2019
    Replying to user

    There is a way. Key word: management

  15. 8 Oct 2018
  16. 26 Jul 2018

    Sad that, in the announcement they advertise that CSP offers an XSS protection. It's very much not one, even according to the spec.

  17. 17 Mar 2018
    Replying to user
  18. 5 Aug 2017
    Replying to users
  19. 18 May 2017

    , re: ngCsp mode in AngularJS is actually a built-in CSP _bypass_, not an integration. Bad for XSS defense.

  20. 16 May 2017

    The real history of XSS payloads:
