» xss MaisonBisson.com

Mark Jaquith On WordPress Security For Plugin Developers

I’ve been pretty aware of the risks of SQL injection and am militant about keeping my database interactions clean. Mark Jaquith today reminded me about the need to make sure my browser output is filtered through clean_url(), sanitize_url(), and attribute_escape(). Furthermore, we all need to remember current_user_can(), check_admin_referer(), and nonces.

Posted August 16, 2008 by Casey
Categories: Technology. Tags: coding standards, Mark Jaquith, php, security, SQL injections, web security, WordCamp, wordpress, XSRF, xss. Be the first one.

50+ Ways Good HTML Can Go Bad

Via Brad Neuberg: RSnake’s XSS (Cross Site Scripting) Cheatsheet: Esp: for filter evasion.
Limitations on cross site scripting (XSS hereafter) have been troubling me as I try to write enhancements to our library catalog, but the reasons for the prohibition are sound. Without them I could snort your browser cookies (RSnake lists: “cookie/credential stealing/replay/session riding” among [...]

Posted November 1, 2005 by Casey
Categories: Technology. Tags: browser threats, cheatsheet, cross site javascript, cross site scripting, filter evasion, internet threats, javascript, scripting, threat, threats, web, web browser, xss. 4 Comments.

Popular Posts
- Lies, Damn Lies, and Statistics (1972)
- Six Weapons of Influence (1419)
- Introducing bsuite_speedcache (1404)
- Funky Time (1166)
- Dreams. What Do They Mean? (977)
- DeSoto report leaked. (802)
- Big Bear Photos Circulating (796)
- Presentation: Designing an OPAC for Web 2.0 (743)
- Freedom (Video) (731)
- The State Of Democracy (647)
- EBN Videos Online (603)
- bSuite 4 (585)
- Copyright and Academic Libraries (556)
- State of the Union? (495)
- Poet-Bot (458)
Recently Commented Posts
- iTunes Music Store API? (10)
- Sweet Drobo Home RAID (1)
- Where’s My Video Jukebox? (3)
- Lies, Damn Lies, and Statistics (12)
- More Bluetooth Hacks (259)
- Celebrate Independence Day With A Drink (7)
- CommentPress Comments (5)
Tags
apple art beta blog blogging bstat bsuite bush copyfight copyright flickr funny future libraries george bush george w bush google google economy internet iphone ipod lib20 libraries library library 2.0 library catalog mac movie music mysql opac open source photo php plugin politics presentation search social software statistics video w web 2.0 wordpress wordpress plugin wpopac
Recent Posts
Archives
- August 2008
- July 2008
- June 2008
- May 2008
- April 2008
- March 2008
- February 2008
- January 2008
- December 2007
- November 2007
- October 2007
- September 2007
- August 2007
- July 2007
- June 2007
- May 2007
- April 2007
- March 2007
- February 2007
- January 2007
- December 2006
- November 2006
- October 2006
- September 2006
- August 2006
- July 2006
- June 2006
- May 2006
- April 2006
- March 2006
- February 2006
- January 2006
- December 2005
- November 2005
- October 2005
- September 2005
- August 2005
- July 2005
- June 2005
- May 2005
- April 2005
- March 2005
- February 2005
- January 2005
- December 2004
- November 2004
- October 2004
- September 2004
- August 2004
- July 2004
- June 2004
- May 2004
- April 2004
- March 2004
- February 2004
- January 2004
- December 2003
- October 2003
- August 2003
- July 2003
- June 2003
- May 2003
- April 2003
- March 2003
- February 2003
- January 2003
- December 2002
- November 2002
- October 2002
- September 2002
- August 2002
- July 2002
- June 2002
- May 2002
- April 2002
Popular Searches
- hacking bluetooth software (9)
- www.sex.com (8)
- what does dreams mean (7)
- www.89.ar.com (7)
- 89.com (6)
- Walking Desk (6)
- Turbine for sale (6)
- Trenoble (5)
- www.89.porno.com (5)
- www.old man tales.com (5)
- Four Person Bike (5)
- www.eart (5)
- filme pono (5)
- www.89.com.in (4)
- 123 clips.com (4)

Projects

Elsewhere...

Meta

Mark Jaquith On WordPress Security For Plugin Developers

50+ Ways Good HTML Can Go Bad

Popular Posts

Recently Commented Posts

Recent Posts

Archives

Popular Searches