Follow Slashdot stories on Twitter


Forgot your password?
Check out the new SourceForge HTML5 internet speed test! No Flash necessary and runs on all devices. ×

Comment Simple solution (Score 1) 355

Seems like the simple solution is to serve all non-trusted content from a separate hostname. For example, serve avatars or uploaded files from

As far as I can tell this would stop the attack nicely. The malicious SWF would execute in the context of a domain you don't care about.

Slashdot Top Deals

Enzymes are things invented by biologists that explain things which otherwise require harder thinking. -- Jerome Lettvin