Comments for Web Application Security http://blog.mozilla.org/webappsec creating an open web application security home Mon, 13 Feb 2012 06:34:56 +0000 hourly 1 http://wordpress.org/?v=3.5.1 Comment on Using JSON for Private Data by Oren Ofer http://blog.mozilla.org/webappsec/2012/02/10/using-json-for-private-data/#comment-98 Oren Ofer Mon, 13 Feb 2012 06:34:56 +0000 http://blog.mozilla.org/webappsec/?p=240#comment-98 Note that in case of an improper CSRF protection mechanism, the above helps mitigating the issue but JSON data can be compromised using Dynamic AJAX CSRF

]]> Comment on Mozilla CTF – Registration starts now! by papaspingouins http://blog.mozilla.org/webappsec/2012/01/07/mozilla-ctf-registration/#comment-87 papaspingouins Sat, 07 Jan 2012 22:09:52 +0000 http://blog.mozilla.org/webappsec/?p=261#comment-87 Hello, we are a small french team, and we have heard about the Mozilla CTF.

]]> Comment on Garmr Update by geeknik http://blog.mozilla.org/webappsec/2012/01/05/garmr-update/#comment-84 geeknik Fri, 06 Jan 2012 03:32:34 +0000 http://blog.mozilla.org/webappsec/?p=246#comment-84 Cool, keep up the great work! Just need to get the security team to fix the SSL/TLS issues on all of the https sites. =)

]]> Comment on Securing BrowserID by Mardeg http://blog.mozilla.org/webappsec/2011/12/14/securing-browserid/#comment-77 Mardeg Wed, 14 Dec 2011 23:45:25 +0000 http://blog.mozilla.org/webappsec/?p=203#comment-77 A “Security Now” episode on the TWiT (This Week in Tech) network covered BrowserID, transcript with audio links at http://www.grc.com/sn/sn-329.htm

]]> Comment on Mozilla at Sheffield Hallam by yboily http://blog.mozilla.org/webappsec/2011/12/12/mozilla-at-sheffield-hallam/#comment-76 yboily Tue, 13 Dec 2011 20:09:27 +0000 http://blog.mozilla.org/webappsec/?p=197#comment-76 Hi Paul, it might be; this post will get updated with a link to the recording if/when it becomes available.

]]> Comment on Mozilla at Sheffield Hallam by yboily http://blog.mozilla.org/webappsec/2011/12/12/mozilla-at-sheffield-hallam/#comment-75 yboily Tue, 13 Dec 2011 20:06:16 +0000 http://blog.mozilla.org/webappsec/?p=197#comment-75 Thanks David, the post is updated with the address now!

]]> Comment on Mozilla at Sheffield Hallam by David Day http://blog.mozilla.org/webappsec/2011/12/12/mozilla-at-sheffield-hallam/#comment-74 David Day Tue, 13 Dec 2011 12:09:50 +0000 http://blog.mozilla.org/webappsec/?p=197#comment-74 Sorry that was meant to say, just noticed the room number is missing its in room 6619 of Adsetts
Thanks
David

]]> Comment on Mozilla at Sheffield Hallam by Paul Booker http://blog.mozilla.org/webappsec/2011/12/12/mozilla-at-sheffield-hallam/#comment-72 Paul Booker Tue, 13 Dec 2011 09:04:50 +0000 http://blog.mozilla.org/webappsec/?p=197#comment-72 Will the lecture be recorded?

Thanks

Paul Booker
—————————————–
https://mozillians.org/u/6a5a5f9929
https://wiki.mozilla.org/User:paulbooker

]]> Comment on Automating Test Cases by Jeremy http://blog.mozilla.org/webappsec/2011/10/26/automating-test-cases/#comment-68 Jeremy Fri, 28 Oct 2011 13:35:42 +0000 http://blog.mozilla.org/webappsec/?p=158#comment-68 Seems somewhat similar to Canoo WebTest: http://webtest.canoo.com/webtest/manual/WebTestHome.html

]]> Comment on Automating Test Cases by isaac http://blog.mozilla.org/webappsec/2011/10/26/automating-test-cases/#comment-67 isaac Thu, 27 Oct 2011 15:34:53 +0000 http://blog.mozilla.org/webappsec/?p=158#comment-67 You might want to take a look at a project I’ve been working on for the same problem: http://code.google.com/p/wbts/. If nothing else it might give you some ideas!

]]>