Hypothesis

5 Matching Annotations

May 2020
www.facebook.com www.facebook.com

What is a Self-XSS scam on Facebook? | Facebook Help Center | Facebook

1
1. TylerRick 28 May 2020
  
  in Public
  
  scam security: cross-site request forgery security: cross-site scripting (XSS) vulnerability
Visit annotations in context

Tags

security: cross-site request forgery

security: cross-site scripting (XSS) vulnerability

scam

Annotators

TylerRick

URL

facebook.com/help/246962205475854
Nov 2018
zh.wikipedia.org zh.wikipedia.org

跨站请求伪造 - 维基百科，自由的百科全书

1
1. catcuts 21 Nov 2018
  
  in Public
  
  跟跨网站脚本（XSS）相比，XSS 利用的是用户对指定网站的信任，CSRF 利用的是网站对用户网页浏览器的信任。
  
  XSS 是对客户端的攻击
  
  CSRF 是对服务端的攻击
  
  xss csrf
Visit annotations in context

Tags

xss

csrf

Annotators

catcuts

URL

zh.wikipedia.org/wiki/跨站请求伪造
Oct 2018
dzone.com dzone.com

Using the SameSite Cookie Attribute to Prevent CSRF Attacks - DZone Security

1
1. kael 26 Oct 2018
  
  in Public
  
  xss http security
Visit annotations in context

Tags

xss

http

security

Annotators

kael

URL

dzone.com/articles/using-the-same-site-cookie-attribute-to-prevent-cs
scotthelme.co.uk scotthelme.co.uk

Cross-Site Request Forgery is dead!

1
1. kael 26 Oct 2018
  
  in Public
  
  xss security http
Visit annotations in context

Tags

xss

http

security

Annotators

kael

URL

scotthelme.co.uk/csrf-is-dead/
Sep 2018
github.com github.com

cure53/DOMPurify

1
1. kael 21 Sep 2018
  
  in Public
  
  DOMPurify - a DOM-only, super-fast, uber-tolerant XSS sanitizer for HTML, MathML and SVG
  
  dompurify json-ld dom security xss
Visit annotations in context

Tags

dom

security

xss

dompurify

json-ld

Annotators

kael

URL

github.com/cure53/DOMPurify