Simon Willison’s Weblog

Subscribe

Saturday, 17th May 2008

A McAfee spokeswoman said the company rates XSS vulnerabilities less severe than SQL injections and other types of security bugs. "Currently, the presence of an XSS vulnerability does not cause a web site to fail HackerSafe certification," she said. "When McAfee identifies XSS, it notifies its customers and educates them about XSS vulnerabilities."

Dan Goodin

# 11:31 pm / idiotic, mcafee, security

Dopplr place googlemaps, with and without Yahoo Geo API bounding box adjustment. Dopplr uses Geonames for most geo information, but is now mixing in bounding box data from the Yahoo! Geo web service to improve the default zoom level for their maps. The JSON callback API means no server-side code is required on Dopplr’s end.

# 11:35 pm / dopplr, geonames, javascript, json, jsonp, mapping, matt-biddulph, whereonearth, yahoogeo

2008 » May

MTWTFSS
   1234
567891011
12131415161718
19202122232425
262728293031