and who is going to clean up the HTML?
Nov. 30th, 2011 05:08 pm
From SUP they write:
http://lj-support.livejournal.com/840844.html
<<
There is currently a CSRF designed to mislead you into believing LiveJournal is requesting your username and password, when the data is actually being requested by a third party who is trying to gain access to your account.
The attack will appear as though someone has left you a comment, but an image similar to the following will appear requesting your password:
>>
So who is going to clean up the HTML in comments before displaying it, so that this kind of crap doesn't happen?