Tags: cross site scripting, google, security
News (15)
Google uses Lemon to find holes in apps
Google is working on a security tool -- codenamed Lemon -- to detect vulnerabilities in its Web applications. Read more »
Howard 'hacker' pleads innocence
The so-called "Howard hacker", who has apparently been reported to the Australian Federal Police, told ZDNet Australia that he is innocent of defacing the Liberal Web site. Read more »
Google fixes Gmail 'ethical hacker' vulnerability
Three days after ethical hacker Petko Petkov announced his discovery of a cross-site scripting vulnerability in Gmail, Google says it has fixed the problem. Read more »
Gmail cookie vulnerability exposes user's privacy
Petko Petkov of ethical hacking group GNUCitizen, has developed a proof-of-concept program to steal contacts and incoming e-mails from Google Gmail users. Read more »
Google thanks bug hunters
Google is giving friendly bug hunters an ego-boost with a new page added to its corporate Web site. Read more »
Google fixes Web site security bug
Google has fixed a security flaw on its Web site that opened the door to phishing scams, account hijacks and other attacks, security researchers said on Monday. Read more »
Google details 'reboot' bug, Android security fixes
Google has begun releasing some details about the vulnerabilities it patched in two updates to Google's Android operating system software in the T-Mobile G1 smartphone. Read more »
Google flaw adds phishing hole to Web sites
A security flaw in Google's search appliances could expose Web sites that use the products to information-stealing phishing attacks, experts warned on Monday in the US. Read more »
Google plugs Gmail data leak flaw
Google has fixed a security hole in several of its services that exposed the address books of Gmail users, the company said on Tuesday in the US. Read more »
Google RatProxy looks for cross-site flaws
Google released a free tool Tuesday that should help Web developers find and fix cross-site vulnerabilities. Read more »
Features (3)
What is cross-site scripting?
Cross-site scripting, also known as "XSS," is a class of security exploit that has gotten a fair bit of attention in the last few years. This article explains what it is and where the dangers lie. Read more »
Be aware of AJAX's drawbacks
Some developers view AJAX as the silver bullet for every scenario. However, AJAX introduces its own set of hazards in various areas, which include: development time, browsing history and experience, search engine interaction, accessibility, server load, and security. Read more »
Automate and extend Firefox with the Chickenfoot add-on
Chickenfoot is a Firefox add-on that allows you to automate user actions within the browser environment. It also lets you extend the browser interface to provide additional features to a Web page. Read more »
News and features
- Latest
- Popular
- Features
- Most Discussed
-
This blog post covers some of the technologies available for creating applications for the Semantic Web. Read more »
-
Bridging the gap between programmers and the visionA successful project will have a hard time flying if you don't walk through the game plan before writing a line of code. Read more »
-
Social news start-up Streem shuts downSydney social news start-up Streem will shut down this afternoon, according to a heartfelt notice posted on the site this morning by its founder Elgar Welch. Read more »
-
How to Reset Windows passwords
2008/10/01 14:31:09
-
Five things to consider when choosing a Linux distribution
2008/10/01 15:50:33
-
Cyber-terrorism 'a big threat'
2008/12/01 12:43:32
What's on?
-
Space pr0n, patent karma and Yang out -- Club Builder
On Club Builder this week: how NASA plans to get the Internet into space, Jerry Yang is out the door at Yahoo and Brendan Eich discusses javascript engine competition.