Comments for Macaroni http://tedhusted.wordpress.com Ted Husted's Blog Mon, 07 Jul 2008 08:42:19 +0000 http://wordpress.org/?v=MU Comment on Fortifying Ajax by Douglas Crockford http://tedhusted.wordpress.com/2007/04/10/fortifying-ajax/#comment-3 Douglas Crockford Wed, 11 Apr 2007 23:30:37 +0000 http://tedhusted.wordpress.com/2007/04/10/fortifying-ajax/#comment-3 Suppose an attacker is able to choose some of the text in a message. If you wrap the JSON text as a comment, it can become dangerous. For example, if I can type a comment into a field like this */ alert('boo!'); /* then the alert becomes executable when it is correctly encoded in JSON with a comment wrapper. This is way scary. There are better ways to deal with this problem. Suppose an attacker is able to choose some of the text in a message. If you wrap the JSON text as a comment, it can become dangerous. For example, if I can type a comment into a field like this */ alert(’boo!’); /* then the alert becomes executable when it is correctly encoded in JSON with a comment wrapper. This is way scary. There are better ways to deal with this problem.

]]> Comment on Tour de Blog - WordPress by singchyun http://tedhusted.wordpress.com/2007/04/09/tour-de-blog-wordpress/#comment-2 singchyun Wed, 11 Apr 2007 15:52:31 +0000 http://tedhusted.wordpress.com/2007/04/09/tour-de-blog-wordpress/#comment-2 Hi Ted, One feature I like about Wordpress is the Blog Stats. You can check it out in your Wordpress dashboard. Have fun! :) Hi Ted,

One feature I like about WordPress is the Blog Stats. You can check it out in your WordPress dashboard.

Have fun! :)

]]>