安全 Subdomain And Web Security

hooopo for Shopper+ · March 10, 2013 · Last by hooopo replied at March 11, 2013 · 3375 hits

11 likes

lgn21st #1 March 10, 2013

赞 @hooopo 大神！

Rei #2 March 10, 2013

huacnlee #3 March 10, 2013

我们之前也被公司的安全部门特别叮嘱，淘宝二级域名的项目要特别注意 HTML encode

jasl #4 March 10, 2013

所有静态内容都在又拍云的域名下，无意的减少了安全问题 = =

xds2000 #5 March 10, 2013

安全问题，仍然是程序员需要不断学习的一块内容。

hooopo #6 March 11, 2013

Gihub 给了发现 Github Pages Cookie Tossing 漏洞的哥们（没错，就是用 mass assigment 漏洞黑 Github 那哥们）$500 赏金～

Good news everyone, Github makes first steps with bounty: I received $500 for an interesting bypass of new cookie-tossing protection.

bwlinux #7 March 11, 2013

这个家伙，最初被 github ban 的。

hooopo #8 March 11, 2013

#7 楼 @bwlinux 是哇现在帮 github 修复漏洞帮 rails 修复漏洞。。

You need to Sign in before reply, if you don't have an account, please Sign up first.

11 likes

Total 8 replies

Reward