crschmidt: (Default)
crschmidt ([personal profile] crschmidt) wrote2006-01-22 11:09 pm
  • Add Memory
  • Share This Entry

HTML Cleaner "Spermicide"

While we could discuss forever that HttpOnly isn't a complete solution for all
attack instances, that's not what matters. It's like saying, "Well, condoms
don't _always_ work, so let's just not use anything!" HttpOnly does work most
of the time, especially for stopping what our HTML/CSS spermicide doesn't.


-- Brad, https://bugzilla.mozilla.org/show_bug.cgi?id=178993#c49
  • Add Memory
  • Share This Entry
(4 comments)

Post a comment in response:

This account has disabled anonymous posting.
If you don't have an account you can create one now.
HTML doesn't work in the subject.
More info about formatting
 
Notice: This account is set to log the IP addresses of everyone who comments.
Links will be displayed as unclickable URLs to help prevent spam.