I need to display external resources loaded via cross domain requests and make sure to only display "safe" content.   Could use Prototype's String#stripScripts to remove script blocks. But handlers such as onclick or onerror are still t...
Which is better to do client side or server side validation?  In our situation we are using    jQuery and MVC.   JSON data to pass between our View and Controller.     A lot of the validation I do is validating data as users enter it. For example I...
In the video below, at time marker 21:40, the Microsoft PDC presenter says it's important that all JSON be wrapped so it's not a top level array:  https://channel9.msdn.com/Events/PDC/PDC09/FT12  What is the risk of an unwrapped top level a...
I am using Backbone.js and the Tornado web server.  The standard behavior for receiving collection data in Backbone is to send as a JSON Array.  On the other hand, Tornado's standard behavior is to not allow JSON Array's due to the followin...
I'm trying to implement JWT in my authentication system and I have a few questions. To store the token, I could use cookies but it's also possible to use localStorage or sessionStorage.  Which would be the best choice?   I have read that JW...
I need to make an AJAX request from a website to a REST web service hosted in another domain.  Although this is works just fine in Internet Explorer, other browsers such as Mozilla and Google Chrome impose far stricter security restrictions, which...
Imagine a space shooter with a scrolling level. What methods are there for preventing a malicious player from modifying the game to their benefit? Things he could do that are hard to limit server-side is auto-aiming, peeking outside the visible are...
While researching the issue of JSON vs XML, I came across this question.  Now one of the reasons to prefer JSON was listed as the ease of conversion in Javascript, namely with the eval().  Now this immediately struck me as potentially problematic f...
I'm trying to figure out a good way to prevent bots from submitting my form, while keeping the process simple. I've read several great ideas, but I thought about adding a confirm option when the form is submitted. The user clicks submit and...
I have an applet to upload some files from specific folder and delete them,but something is wrong when I call an applet function from my javascript code, when I call that function from init() it works fine.  My applet code :  public class Uploader ex...

Tags

Recent Questions

Top Questions

Home Tags Terms of Service Privacy Policy DMCA Contact Us

©2020 All rights reserved.