2008 March | Aaron Saray

contains PHP, Web and business/entrepreneurial related content. Please join in the conversation!

Monthly Archives: March 2008

XSS with Img OnError attribute

Posted on March 19, 2008 by Aaron

So much of my time is spent worrying over the src or href tags on images and links – that I sometimes forget about the other attributes. Imagine being able to make an image which has no black-flagged content in … Continue reading →

Posted in javascript, PHP, security | Tagged javascript, PHP, security | Leave a comment

Link Checking Module – 1st attempt

Posted on March 19, 2008 by Aaron

So I wrote some code the other day. It sat in my code repository and I never tested it. I was pretty certain it was going to be some good code, though. A few weeks later I came back to … Continue reading →

Posted in PHP, Website Monitoring Project | Tagged PHP | 2 Comments

Update your URL filtering: possible XSS from "Data" URL scheme – Firefox

Posted on March 17, 2008 by Aaron

In regards to the Data in URL scheme (RFC here), I’ve found an interesting issue with the way firefox handles it which could lead to some XSS I think. First of all, if you’re not aware of the feature, let … Continue reading →

Posted in html, javascript, security | Tagged html, javascript, security | Leave a comment

Aaron Saray

open source programmer,
web developer

entrepreneur, author
and musician

My Blog

Monthly Archives: March 2008

XSS with Img OnError attribute

Link Checking Module – 1st attempt

Update your URL filtering: possible XSS from "Data" URL scheme – Firefox