Archives for the Month of June, 2009

New beta of JSReg

I’ve been slowly developing JSReg over the last few months and I’ve dropped lots of code and redone it many times. This latest version is a code rewriter that will sandbox most JavaScript properties; the goal is to produce a complete, locked-down version (which can be improved upon later). So far it’s going […]

CSP – Mozilla content security policy

This is my cup of tea, a whole new way to prevent XSS and related attacks. I’ve been looking at the specification and I like the core of the policy preventing external scripts, eval etc. But reading it I started to think of ways around it because it’s fun 🙂 Meta tag The meta tag […]

Minor Safari cross domain bug

I found this while writing Astalanumerator. Safari allows you to overwrite top and parent with native code and maybe other stuff (I haven’t tried). This allows you to define something on domain A and call it on domain B using the top and parent. I’d email Apple about it but the last time I reported […]

Asta la vista baby

A quick update to Astalanumerator: it is now much better. No crashes and a completely new interface. I use a tree menu to traverse objects, which can go on forever if you wish. It uses two display windows now: one displays the tree menu and the other displays extra details about the object when clicking. […]

New PHPIDS vector

No new PHPIDS vectors for a while? So I thought I’d write a new one as I had 5 minutes spare while drinking my coffee. I used a new technique (as far as I’m aware) to make things easier 🙂 A very old feature in IE is to allow events to be declared as VBScript […]