XML.com: XML From the Inside Out

XML.comWebServices.XML.comO'Reilly Networkoreilly.com
  Articles | Weblogs | Newsletter | Safari Bookshelf
advertisement

Article:
Very Dynamic Web Interfaces
Subject: I realize that I'm on XML.com, but....
Date: 2005-04-26 15:58:43
From: krufty
Response to: I realize that I'm on XML.com, but....
incidentally, a programmer mistake by parsing literals on a data feed could result in something like


If your datafeed contained:


alert("oops, thought i took this debug line out of here");


you'd execute it. The datafeed cannot accidentally cause the calling page to execute javascript code unless you eval the data coming back.

Previous Message Previous Message Move up to Parent Message Up Next Message No Next Message

Sponsored By:
Contact Us | Our Mission | Privacy Policy | Advertise With Us | | Submissions Guidelines
Copyright © 2008 O'Reilly Media, Inc. | (707) 827-7000 / (800) 998-9938