PC World

Cross-Site Scripting: An Old Problem Returns

Illustration by Mark Todd In May, Web security consultant George Deglin discovered a cross-site scripting (XSS) exploit that involved Facebook’s controversial Instant Personalization feature. The ...
InfoWorld

Ajax programming with the Java Scripting API

Jeff Friesen’s Beginning Java SE 6 Platform: From Novice to Professional is out now from Apress. In this article Jeff introduces you to his new book by presenting excerpts from its chapter on the Java ...
InfoWorld

Speak your own programming language with Web scripting

The Web scripting capability of Java Specification Request (JSR) 223, Scripting for the Java Platform, specifies what a script engine must implement so that code written in the script language can run ...
heise online

Web security: With content security policy against cross-site scripting, part 1

Cross-site scripting (XSS) remains a serious threat, even though the most commonly used front-end frameworks come with many security functions as standard. Frameworks such as React or Angular offer ...
CSOonline

What’s old is new again: AI is bringing XSS vulnerabilities back to the spotlight

Cross-site scripting vulnerabilities (XSS) have vexed cybersecurity professionals for 30 years. Following a CISA and FBI alert, experts say unless these flaws are fixed soon, AI models may ingest and ...
Computerworld

Regular Expressions: Manage CORBA with scripting

We like to do a lot with a little. That’s the attraction of scripting: it manages big, complicated computing systems — CORBA, for example — with simple, low-cost means. We affectionately call CORBA ...
heise online

Web-Security: With Content Security Policy against Cross-Site Scripting, Part 2

Cross-site scripting (XSS) remains one of the most common security threats to web applications. Despite advanced protection mechanisms, attackers continue to find new ways to exploit XSS ...