Simon Willison’s Weblog

Wednesday, 5th July 2006

Don’t serve JSON as text/html. Another sneaky XSS trick.

11:46 pm / http, json, security, xss
