Putting aside issues such as the importance of XST, the signal-to-noise
ratio in WhiteHat's paper, the importance of XSS at large, and "whose
fault is it", I would like to show two variants of the XST attacks,
which do not require TRACE support at the server (therefore technically
perhaps d...
Putting aside issues such as the importance of XST, the signal-to-noise
ratio in WhiteHat's paper, the importance of XSS at large, and "whose
fault is it", I would like to show two variants of the XST attacks,
which do not require TRACE support at the server (therefore technically
perhaps d...
[ more ]