Chris Schmidt (crschmidt) wrote,
Chris Schmidt
crschmidt

HTML Cleaner "Spermicide"

While we could discuss forever that HttpOnly isn't a complete solution for all
attack instances, that's not what matters. It's like saying, "Well, condoms
don't _always_ work, so let's just not use anything!" HttpOnly does work most
of the time, especially for stopping what our HTML/CSS spermicide doesn't.


-- Brad, https://bugzilla.mozilla.org/show_bug.cgi?id=178993#c49
Subscribe
  • Post a new comment

    Error

    Anonymous comments are disabled in this journal

    default userpic

    Your reply will be screened

    Your IP address will be recorded 

  • 4 comments