On Mon, Aug 27, 2012 at 09:05:05AM +0000, Dobbins, Roland <rdobb...@arbor.net> wrote a message of 16 lines which said:
> <http://www.skullsecurity.org/blog/2010/stuffing-javascript-into-dns-names> Funny but I'm not sure it is really useful for attacks in practice. Several technical errors in the article (such as when it says spaces do not work in DNS records). Anyway, it is a good opportunity to remind Web developers that output should always be done through a templating system, not with print() _______________________________________________ dns-operations mailing list dns-operations@lists.dns-oarc.net https://lists.dns-oarc.net/mailman/listinfo/dns-operations dns-jobs mailing list https://lists.dns-oarc.net/mailman/listinfo/dns-jobs
