[12:59:08 CDT(-0500)] <EricDalquist> freaking javascript
[12:59:09 CDT(-0500)] <EricDalquist> http://directwebremoting.org/blog/joe/2007/03/05/json_is_not_as_safe_as_people_think_it_is.html
[12:59:55 CDT(-0500)] <athena> evil
[13:00:17 CDT(-0500)] <athena> probably still need to talk about what we want to do for REST feed security
[13:00:28 CDT(-0500)] <EricDalquist> I'm doing more looking into CSRF protection for a portlet I'm working on here
[13:00:38 CDT(-0500)] <EricDalquist> and finding all sorts of badness that can be done
[13:00:42 CDT(-0500)] <athena> :/
[13:00:56 CDT(-0500)] <EricDalquist> primarily because JS is so flexible
[13:01:09 CDT(-0500)] <athena> yeah
Page Comparison
General
Content
Integrations