Friday, February 18, 2005

XSS Attacks

Following three things i found across my experience, that happen with query strings appended to URL.
1. Write to a object and store for some other use
2. Redirect to a different page
3. Pass the value to database as parameterized value (This one is particularly i m not happy about)

This posting talks about XSS Scripting and vulnerabilities. It speaks about utf-8 encoding to overcome. What about content that does not support utf-8 ?

What about in .NET 2.0 ?? Breaking news is that .NET 2.0 has lot of improved security enhancements, like new cryptographic routines, improved security namespaces, new Security APIs..

Time to get fingers crossed.

Tuesday, February 01, 2005

New MSN Search

MSN search is back with improved search engine.

I've been googling, but this bubbly new MSN search has taken me of all favourites. One feature i've liked is cached search results, as we get on Google Complete, but with no extra different URL !!!

One thing I would like to see there in MSN Search is no top banner, and contain some cool XP Floating themes instead.

Happy Searching.