On 20 Sep 2008, at 01:23, Michelle Konzack wrote:
Am 2008-09-05 17:11:58, schrieb Stut:
You're trying to post to the browser which won't know how to handle
it. The header() function is modifying the response headers that are
being sent back to the browser, they do not create a new request.
If y
On Sun, 2008-09-21 at 14:29 +0200, Lupus Michaelis wrote:
> Maciek Sokolewicz a écrit :
>
> > Your xss answer is moot. XSS attacks can (almost) just as easily be
> > performed via POST as they can via GET.
>
>No, because you can't click on a link that make a post. Maybe on
> unsecured brows
Maciek Sokolewicz a écrit :
Your xss answer is moot. XSS attacks can (almost) just as easily be
performed via POST as they can via GET.
No, because you can't click on a link that make a post. Maybe on
unsecured browser that allows Xhr (and a POST so) on every sites on the
Internet.
--
Mi
Lupus Michaelis wrote:
Michelle Konzack a écrit :
Why using JS?
echo "";
would do the trick...
No, because it'll not send back the datas in the hide form. And if you
suggest to pass datas in a HTTP GET, I'll answer XSS in the scope :)
Your xss answer is moot. XSS attacks can (almos
Michelle Konzack a écrit :
Why using JS?
echo "";
would do the trick...
No, because it'll not send back the datas in the hide form. And if
you suggest to pass datas in a HTTP GET, I'll answer XSS in the scope :)
--
Mickaël Wolff aka Lupus Michaelis
http://lupusmic.org
--
PHP Genera
Hi Stut,
Am 2008-09-05 17:11:58, schrieb Stut:
> You're trying to post to the browser which won't know how to handle
> it. The header() function is modifying the response headers that are
> being sent back to the browser, they do not create a new request.
>
> If you want to do a new request I
6 matches
Mail list logo
