Comments on: mitigating attacks with content security policy http://hacks.mozilla.org/2009/10/content-security-policy/ hacks.mozilla.org Fri, 10 Feb 2012 00:05:32 +0000 hourly 1 http://wordpress.org/?v=3.3.1 By: 谋智社区 » Blog Archives » 火狐五周岁──记录互联网变化的五年 http://hacks.mozilla.org/2009/10/content-security-policy/comment-page-1/#comment-35562 谋智社区 » Blog Archives » 火狐五周岁──记录互联网变化的五年 Mon, 09 Nov 2009 11:32:07 +0000 http://hacks.mozilla.org/?p=1796#comment-35562 [...] 在过去五年中很明显改变的一件事情是在众多现代浏览器──Firefox、Safari、Opera和Chrome──同世界最流行浏览器──IE之间各个方面产生的巨大差异。现代浏览器是为了未来那些互联网应用构建──超级快速的JavaScript,现代CSS,HTML5,支持多样的互联网应用标准,支持可下载字体,支持离线应用,通过canvas 和 WebGL支持原生图像处理,原生视频支持,高级XHR支持兼具高级安全工具和网络能力。 [...] [...] 在过去五年中很明显改变的一件事情是在众多现代浏览器──Firefox、Safari、Opera和Chrome──同世界最流行浏览器──IE之间各个方面产生的巨大差异。现代浏览器是为了未来那些互联网应用构建──超级快速的JavaScript,现代CSS,HTML5,支持多样的互联网应用标准,支持可下载字体,支持离线应用,通过canvas 和 WebGL支持原生图像处理,原生视频支持,高级XHR支持兼具高级安全工具和网络能力。 [...]

]]> By: 5 years of Firefox at hacks.mozilla.org http://hacks.mozilla.org/2009/10/content-security-policy/comment-page-1/#comment-35490 5 years of Firefox at hacks.mozilla.org Mon, 09 Nov 2009 04:51:12 +0000 http://hacks.mozilla.org/?p=1796#comment-35490 [...] raw graphics through canvas and WebGL, native video, advanced XHR capabilities mixed with new security tools and network [...] [...] raw graphics through canvas and WebGL, native video, advanced XHR capabilities mixed with new security tools and network [...]

]]> By: Rayj http://hacks.mozilla.org/2009/10/content-security-policy/comment-page-1/#comment-28006 Rayj Thu, 08 Oct 2009 23:40:05 +0000 http://hacks.mozilla.org/?p=1796#comment-28006 I just dont fucking understand why I block this damn pop up from mozilla and it still keeps coming up with crap i will never buy. i would apprecitate it if you guys drop this crap !!!!!!!!!!i am so pissed off about these damn pop up for shit that no one wants just to make you guys more money. I just dont fucking understand why I block this damn pop up from mozilla and it still keeps coming up with crap i will never buy. i would apprecitate it if you guys drop this crap !!!!!!!!!!i am so pissed off about these damn pop up for shit that no one wants just to make you guys more money.

]]> By: jaredzusmc http://hacks.mozilla.org/2009/10/content-security-policy/comment-page-1/#comment-26437 jaredzusmc Tue, 06 Oct 2009 21:53:07 +0000 http://hacks.mozilla.org/?p=1796#comment-26437 EXCELLENT... the simple Google URL worked but the embedded javascript obviously did not. I'm sure this is just an escape mechanism and not the actual CSP. J. EXCELLENT… the simple Google URL worked but the embedded javascript obviously did not.

I’m sure this is just an escape mechanism and not the actual CSP.

J.

]]> By: jaredzusmc http://hacks.mozilla.org/2009/10/content-security-policy/comment-page-1/#comment-26436 jaredzusmc Tue, 06 Oct 2009 21:51:26 +0000 http://hacks.mozilla.org/?p=1796#comment-26436 Thanks for this info. Really like the definitions of basic attacks. I'm used to the terms, but not all people are. Not trying to "attack" just wanting to see the escape parameters here: <a>Google</a> <a href="http://www.google.com" rel="nofollow">Google</a> Thanks again for the inside scoop, J. Thanks for this info. Really like the definitions of basic attacks. I’m used to the terms, but not all people are.
Not trying to “attack” just wanting to see the escape parameters here:
Google
Google

Thanks again for the inside scoop,

J.

]]>