Topics
Tags
Favorite Links
Translate
Pick Your Language
Security Books
Archives
Recent entries...
Twitter
Sponsored Ads
Popular Pages
Sponsored Ads
The Web Security Mailing List

« WASC Distributed Open Proxy Honeypot Shows Brute Force Attacks Against Yahoo | Main | Microsoft publishes BinScope and MiniFuzz »

Chrome adds defence for cross-site scripting attacks, already busted

"The 4.0.207.0 release uses a reflective XSS filter that checks each script before it executes to check if the script appears in the request that generated the page. Should it find a match, the script will be blocked. According to Chromium developer Adam Barth, the developers plan to post an academic paper that will describe the new filter in further detail at a later time." - H-Online

However the folks at the slackers forum are already breaking it. While not totally rock solid still a step in the right direction.

H-Online: http://www.h-online.com/security/Chrome-adds-new-defence-for-cross-site-scripting-attacks--/news/114220

Posted by Robert A. on 09/15/2009 in Browsers , Funny , IndustryNews , XSS | Permalink | Reddit

Comments

Feed You can follow this conversation by subscribing to the comment feed for this post.


All Comments are Moderated and will be delayed!


Post a comment







Remember personal info?


Copyright 2000-2009 CGISecurity.com | Privacy Policy| java mailing list| resolve ip| Mailing Lists | Sony deals