#81 JSON security fix

closed-accepted
WebKit (45)
5
2007-04-22
2007-04-09
No

Recent study show that JSON protocol may be vulnerable to some form of hacking.
This patch fix this.
There is also a cosmetic update.

References: http://www.fortifysoftware.com/servlet/downloads/public/JavaScript_Hijacking.pdf http://getahead.org/blog/joe/2007/03/05/json_is_not_as_safe_as_people_think_it_is.html

JF

Discussion

  • Piéronne Jean-François

    patch for JSONRPCServlet.py

     
    Attachments
  • Christoph Zwerschke

    • assigned_to: nobody --> cito
     
  • Christoph Zwerschke

    Logged In: YES
    user_id=193957
    Originator: NO

    Thanks, this will probably be included in Webware 0.9.3.

     
  • Christoph Zwerschke

    • status: open --> closed-accepted
     
  • Christoph Zwerschke

    Logged In: YES
    user_id=193957
    Originator: NO

    This patch has been applied in rev6502.

     

Get latest updates about Open Source Projects, Conferences and News.

Sign up for the SourceForge newsletter:





No, thanks