Follow Slashdot blog updates by subscribing to our blog RSS feed


Forgot your password?

Comment Re:With all due respect (Score 1) 167

The only reason he needed to "phish" was that this site had a maxlength on the relevant textbox

What on EARTH are you talking about?
So now we are expecting users to type in the relevant Javascript to perform the XSS themselves?
Or are we now performing XSS via XSS, which would depend entirely on guessing whether or not your target had an account, and intended to log in at said web-application before session timeout...
Geez, get a clue!

Retirement means that when someone says "Have a nice day", you actually have a shot at it.