Catch up on stories from the past week (and beyond) at the Slashdot story archive

 



Forgot your password?
typodupeerror
Check out the new SourceForge HTML5 internet speed test! No Flash necessary and runs on all devices. ×

Comment Re:Ugh (Score 1) 156

XSS is still a systemic error, not strictly coding. Why? Because it's code injection. If the browser was sandboxed, then the code couldn't do anything. Now, fi your bank was hit or your browser is sandboxed per instance, not tab, then you could lose your bank info to an attack, again, a high level design issue, not a coding issue.

Well even if the browser is sandboxed what would it change? The malicious code comes from the URL (either per mail or linking) and is displayed back to the user without any sanitizing, how is this not an coding error ?

Slashdot Top Deals

I'd rather just believe that it's done by little elves running around.

Working...