Taras,
At the moment I'm rewriting the whole threading stuff for w3af so I
don't have much time to review the XSS, please let me know when you
have a beta and then I'll review.
Regards,
On Wed, Jun 20, 2012 at 3:04 PM, Taras wrote:
> Andres,
>
> by the way currently I'm coding context detection
Andres,
by the way currently I'm coding context detection logic with tests here [0].
[0] https://w3af.svn.sourceforge.net/svnroot/w3af/branches/xss/test.py
>>> I **hope** that number of requests to detect possible XSS flaw will be
>>> decreased to only 1 request
>>
>> My opinion is that it won'
Andres,
>> I **hope** that number of requests to detect possible XSS flaw will be
>> decreased to only 1 request
>
> My opinion is that it won't be possible to do it with 1 request
> AND have a good heuristic that will work when some filters are in
> place. For example, if you send a payload
