[B! js][security] Gimiteã®ãƒ–ãƒƒã‚¯ãƒžãƒ¼ã‚¯

Gimite id:Gimite

jsã¨securityã«é–¢ã™ã‚‹Gimiteã®ãƒ–ãƒƒã‚¯ãƒžãƒ¼ã‚¯ (1)

${{author_name}}$

{{author_name}} {{created}}

{{{comment_expanded}}}

{{label}}

{{#is_bookmark}}ãƒªã‚¹ãƒˆ{{/is_bookmark}}{{^is_bookmark}}ãƒªãƒ³ã‚¯{{/is_bookmark}}

${{author_name}}$
{{author_name}}{{created}}
{{ #comment }}{{ comment }}{{ /comment }}
- {{ label }}

{{#following_bookmarks}}

${{author_name}}$

{{author_name}} {{created}}

{{{comment_expanded}}}

{{label}}

{{#is_bookmark}}ãƒªã‚¹ãƒˆ{{/is_bookmark}}{{^is_bookmark}}ãƒªãƒ³ã‚¯{{/is_bookmark}}

{{/following_bookmarks}}

{{/is_wiped}}

Kazuho@Cybozu Labs: å®‰å…¨ãª JSON, å±é™ºãª JSON (Cross-site Including?)
Â« ã‚¯ãƒã‚¹ã‚µã‚¤ãƒˆã®ã‚»ã‚ãƒ¥ãƒªãƒ†ã‚£ãƒ¢ãƒ‡ãƒ« | ãƒ¡ã‚¤ãƒ³ | E4X-XSS è„†å¼±æ€§ã«ã¤ã„ã¦ Â» 2007å¹´01æœˆ06æ—¥ å®‰å…¨ãª JSON, å±é™ºãª JSON (Cross-site Including?) å…ˆã®ã‚¨ãƒ³ãƒˆãƒªã§ã€ JSON ã«ã¤ã„ã¦ã¯ã€JavaScript ã¨ã—ã¦å‰¯ä½œç”¨ã‚’ã‚‚ãŸãªã„ (ã‚‚ãŸã›ã‚ˆã†ãŒãªã„) ã‚†ãˆã«æ–‡æ³•é•åã§ã‚ã‚‹ãŒã‚†ãˆã«ã€ç§˜å¯†æƒ…å ±ã‚’å«ã‚€ãƒ‡ãƒ¼ã‚¿ãƒ•ã‚©ãƒ¼ãƒžãƒƒãƒˆã¨ã—ã¦ä½¿ç”¨ã™ã‚‹ã“ã¨ãŒã§ãã‚‹ã®ã§ã™ã€‚ (Kazuho@Cybozu Labs: ã‚¯ãƒã‚¹ã‚µã‚¤ãƒˆã®ã‚»ã‚ãƒ¥ãƒªãƒ†ã‚£ãƒ¢ãƒ‡ãƒ«) ã¨æ›¸ã„ãŸã®ã§ã™ãŒã€èªè˜ãŒç”˜ã‹ã£ãŸã‚ˆã†ã§ã™ã€‚Jeremiah Grossman: Advanced Web Attack Techniques using GMail ã«ã‚ˆã‚‹ã¨ã€é…åˆ—ã®åˆæœŸåŒ–æ¼”ç®—å [] ã®å‹•ä½œã‚’å¤–éƒ¨ã‹ã‚‰å¤‰æ›´ã™ã‚‹ã“ã¨ãŒã§ãã‚‹æ³¨1ã¨ã®ã“ã¨ã€‚ å®Ÿéš›ã«æ‰‹å…ƒã® Firefox 1.5 ã§è©¦ã—ã¦ã¿ãŸã¨ã“ã‚ã€JS
Gimite 2007/01/08
security

js
ãƒªãƒ³ã‚¯
1

ãŠçŸ¥ã‚‰ã›

ã‚‚ã£ã¨èªã‚€

å…¬å¼Twitter

@HatenaBookmark
ãƒªãƒªãƒ¼ã‚¹ã€éšœå®³æƒ…å ±ãªã©ã®ã‚µãƒ¼ãƒ“ã‚¹ã®ãŠçŸ¥ã‚‰ã›
@hatebu
æœ€æ–°ã®äººæ°—ã‚¨ãƒ³ãƒˆãƒªãƒ¼ã®é…ä¿¡

ã‚ãƒ¼ãƒœãƒ¼ãƒ‰ã‚·ãƒ§ãƒ¼ãƒˆã‚«ãƒƒãƒˆä¸€è¦§

jæ¬¡ã®ãƒ–ãƒƒã‚¯ãƒžãƒ¼ã‚¯

kå‰ã®ãƒ–ãƒƒã‚¯ãƒžãƒ¼ã‚¯

lã‚ã¨ã§èªã‚€

eã‚³ãƒ¡ãƒ³ãƒˆä¸€è¦§ã‚’é–‹ã

oãƒšãƒ¼ã‚¸ã‚’é–‹ã

è¨å®šã‚’å¤‰æ›´ã—ã¾ã—ãŸx