Anil John on ASP.NET and XSS

Anil John posted some observations about cross-site scripting attacks and the mitigations offered by ASP.NET 1.1.

Matt Lyons did an XSS demo explaining some of this at the 2003 PDC Security Symposium. His demo is in the middle session: SECSYM2 - Security Symposium: Putting Security Theory Into Practice: Processes and Policies. Check it out here. You need to navigate through the Symposia heading.

Update: I really messed up the attribution on this. Anil was linking to an entry by Julie Lerman.

Comments (3)
  1. Anil John says:

    Actually, Julie posted the above. I just expanded on it 🙂

  2. Brian says:

    Oh, sorry about that. I’ve updated the posting.



Comments are closed.

Skip to main content