canmove, Confirmed users
1,220
edits
Security/Reviews/Gaia/homescreen: Difference between revisions
Jump to navigation
Jump to search
Security/Reviews/Gaia/homescreen (view source)
Revision as of 22:43, 25 February 2013
, 25 February 2013→1. XSS & HTML Injection attacks
Ptheriault (talk | contribs) |
Ptheriault (talk | contribs) |
||
| Line 55: | Line 55: | ||
====1. XSS & HTML Injection attacks==== | ====1. XSS & HTML Injection attacks==== | ||
The homescreen and everything.me contain extensive usage of innerHTML which would be better replaced with DOM calls. (both for performance and security). Mainly though this is for static HTML. | |||
====2. Secure Communications ==== | ====2. Secure Communications ==== | ||