Patches item #1697059, was opened at 2007-04-09 19:22
Message generated for change (Comment added) made by cito
You can respond by visiting:
https://sourceforge.net/tracker/?func=detail&atid=304866&aid=1697059&group_id=4866
Please note that this message will contain a full copy of the comment thread,
including the initial issue submission, for this request,
not just the latest update.
Category: WebKit
Group: None
>Status: Closed
>Resolution: Accepted
Priority: 5
Private: No
Submitted By: Pi�ronne Jean-Fran�ois (pieronne)
Assigned to: Christoph Zwerschke (cito)
Summary: JSON security fix
Initial Comment:
Recent study show that JSON protocol may be vulnerable to some form of hacking.
This patch fix this.
There is also a cosmetic update.
References:
http://www.fortifysoftware.com/servlet/downloads/public/JavaScript_Hijacking.pdf
http://getahead.org/blog/joe/2007/03/05/json_is_not_as_safe_as_people_think_it_is.html
JF
----------------------------------------------------------------------
>Comment By: Christoph Zwerschke (cito)
Date: 2007-04-22 20:45
Message:
Logged In: YES
user_id=193957
Originator: NO
This patch has been applied in rev6502.
----------------------------------------------------------------------
Comment By: Christoph Zwerschke (cito)
Date: 2007-04-13 00:06
Message:
Logged In: YES
user_id=193957
Originator: NO
Thanks, this will probably be included in Webware 0.9.3.
----------------------------------------------------------------------
You can respond by visiting:
https://sourceforge.net/tracker/?func=detail&atid=304866&aid=1697059&group_id=4866
-------------------------------------------------------------------------
This SF.net email is sponsored by DB2 Express
Download DB2 Express C - the FREE version of DB2 express and take
control of your XML. No limits. Just data. Click to get it now.
http://sourceforge.net/powerbar/db2/
_______________________________________________
Webware-devel mailing list
Webware-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/webware-devel
