Andrew Red
2007-Apr-13 10:37 UTC
Is JavaScript JSON Hijacking problems present/considered in Prototype''s coming release?
I sort of let things loose on Prototype''s growth for awhile - yet, as the article (found here: http://webreflection.blogspot.com/2007/04/are-130-byte-enought-to-solve.html) came before me, the question arose: ''is the issue considered in Prototype?'' I couldn''t find a bug regarding it: the one in German isn''t counted. ) So I roll it in here. Please consider. --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Ruby on Rails: Spinoffs" group. To post to this group, send email to rubyonrails-spinoffs-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org To unsubscribe from this group, send email to rubyonrails-spinoffs-unsubscribe-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org For more options, visit this group at http://groups.google.com/group/rubyonrails-spinoffs?hl=en -~----------~----~----~----~------~----~------~--~---
Andrew Red
2007-Apr-13 10:43 UTC
Re: Is JavaScript JSON Hijacking problems present/considered in Prototype''s coming release?
Oh, almost forgot: there''s another linked article on that: http://getahead.org/blog/joe/2007/04/04/how_to_protect_a_json_or_javascript_service.html --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Ruby on Rails: Spinoffs" group. To post to this group, send email to rubyonrails-spinoffs-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org To unsubscribe from this group, send email to rubyonrails-spinoffs-unsubscribe-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org For more options, visit this group at http://groups.google.com/group/rubyonrails-spinoffs?hl=en -~----------~----~----~----~------~----~------~--~---
tobie
2007-Apr-13 16:34 UTC
Re: Is JavaScript JSON Hijacking problems present/considered in Prototype''s coming release?
see this patch: http://dev.rubyonrails.org/ticket/7910 On Apr 13, 6:43 am, "Andrew Red" <arevin...-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org> wrote:> Oh, almost forgot: there''s another linked article on that:http://getahead.org/blog/joe/2007/04/04/how_to_protect_a_json_or_java...--~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Ruby on Rails: Spinoffs" group. To post to this group, send email to rubyonrails-spinoffs-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org To unsubscribe from this group, send email to rubyonrails-spinoffs-unsubscribe-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org For more options, visit this group at http://groups.google.com/group/rubyonrails-spinoffs?hl=en -~----------~----~----~----~------~----~------~--~---