Log in

No account? Create an account
Previous Entry Share Next Entry
HTML Cleaner "Spermicide"
While we could discuss forever that HttpOnly isn't a complete solution for all
attack instances, that's not what matters. It's like saying, "Well, condoms
don't _always_ work, so let's just not use anything!" HttpOnly does work most
of the time, especially for stopping what our HTML/CSS spermicide doesn't.

-- Brad, https://bugzilla.mozilla.org/show_bug.cgi?id=178993#c49

  • 1
I just thought the analogy was funny. ;)

Well yes, there is that. ;-)

  • 1