Wouldn't this apply to any Ajax functions in any JS framework? Rey,
how do you suppose they are billing this as a potential security hole
for unauthorized access? I just don't see it. I was really hoping
Chris would contact me.
On Jan 14, 4:51 pm, Rey Bango r...@reybango.com wrote:
Hey Chris,
Chris,
Check your gmail. I wrote you with some info.
Justin
On Jan 14, 2:43 pm, Rey Bango r...@reybango.com wrote:
Hi Chris,
Thanks for the email. I think the best way to help us is to provide us
with detailed information as to what your security team is having
issues with. XHR in itself
Rey, thanks for getting back to me. The issues were flagged as cross-
site scripting, saying a call to getScript, getJSON etc. leaves the
door open for unauthorized requests.
Even though we are sure that we could use this safely in an
application, we are at the mercy of the scan results. Sorry
Hey Chris,
I understand. Unfortunately, without more details, it's going to be
very hard for us to help. If you can get us more info, we're here to
listen and help.
Rey...
On Thu, Jan 14, 2010 at 4:45 PM, ChrisM manni...@gmail.com wrote:
Rey, thanks for getting back to me. The issues were
4 matches
Mail list logo