The slides of our @BlackHatEvents Talk on XSSI are now online http://goo.gl/39orfD cc @kcotsneb @datenkeller
-
-
Replying to @slekies
@slekies@BlackHatEvents@kcotsneb@datenkeller re putting dynamic data in inline scripts: that's also not sooo nice because of XSS auditor1 reply 0 retweets 0 likes -
Replying to @tehjh
@slekies@BlackHatEvents@kcotsneb@datenkeller in chrome <script>var o={"first":"Foo","last":"Bar"};</script> iirc lets you brute "Foo"1 reply 0 retweets 0 likes -
Replying to @tehjh
@slekies@BlackHatEvents@kcotsneb@datenkeller if you can detect blocking. iirc the auditor truncates the script body at the comma1 reply 0 retweets 0 likes
@slekies @kcotsneb @datenkeller it's somewhat theoretical, but still something to be aware of
12:27 PM - 14 Nov 2015
0 replies
0 retweets
0 likes
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.