I just finished reading this so-called whitepaper and the press release, and
all I can say is hyped, sensationalised snakeoil.
The HttpOnly cookie feature, a proprietary Microsoft extension designed to
mitigate a single aspect of XSS, can be circumvented in myriads of ways. In
fact, reading the HTT...
all I can say is hyped, sensationalised snakeoil.
The HttpOnly cookie feature, a proprietary Microsoft extension designed to
mitigate a single aspect of XSS, can be circumvented in myriads of ways. In
fact, reading the HTT...
[ more ]