
Stupid Websites

by nick on October 15th, 2005

Yesterday Daniel and I found a site that allows stealing of sessions by changing a parameter in the URL. One that is a sequential number. Very high quality and secure. There is probably a way to do some pretty nasty stuff using JS injection as well.

On the flipside of that, Cox’s Business Services site considers ” and + to be dangerous characters when typing a note to a customer representative. They could always run it through a few functions and make it safe. Of course they give you a 40×100 window to write your notes in, and just say ‘special characters including ” double quote’ are not allowed, but only after you submit.
