Newbie How To Prevent cross-site scripting > or clickjacking
brian.mckee at gmail.com
Tue Apr 28 01:36:39 UTC 2009
On Mon, Apr 27, 2009 at 9:00 PM, Ed <kodiack91 at yahoo.com> wrote:
> I Would be greatful for any info anyone can give on how to prevent
> cross-site scripting
>> or clickjacking
> what are they and what applacations can be used to help prevent this!
You may find the Wikipedia articles a good starting point.
They are broad overlapping catagories without one silver bullet so to
speak, but it is helpful to sign out of sites you log into after you
are done with them (rather than just closing the window and navigating
away) I'd also recommend the NoScript Firefox plugin which can be
very powerful but somewhat user intensive - http://noscript.net
If you have questions like these, you might want to consider listening
to the Security Now podcast. For instance, Episode #168
http://media.grc.com/sn/sn-168.mp3 was about Click Jacking. I would
caution you to not take anything they say on that show as gospel - but
you shouldn't take anything you find anywhere (including right here)
about security as gospel without cooperation and common sense checks.
More information about the ubuntu-users