nice work by my teammates at @YahooSecurity open-sourcing their work in context-sensitive XSS prevention! http://yahoo-security.tumblr.com/post/128130790295/paranoid-labs-open-source-and-solving-xss-in …
@JordanHawker @bcrypt @YahooSecurity @tomdale but there is some work to be done at the edges /cc @stefanpenner
@wycats @JordanHawker @bcrypt @YahooSecurity @tomdale htmlbars (having actually DOM context) has a much better sec story
@wycats @JordanHawker @bcrypt @YahooSecurity @tomdale the vanilla handlebars
@wycats @JordanHawker @bcrypt @YahooSecurity @tomdale I have a doc exploring this. I'll try to get it out soon
@wycats @JordanHawker @bcrypt @YahooSecurity @tomdale I am excited to actually consume the sec team's work though
@yahoosecurity It would be fun to compare and contrast Safe handlebars \w HTMLBars. @tomdale @wycats @jordanhawker @bcrypt