We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Goal is to prevent against Cross Site Script Inclusion (XSSI) attacks on JSON response payload aka JSON vulnerability.
XSSI attack is only successful if the returned JSON response is executable as JavaScript.
aah can add an option to prevent an attack by prefixing JSON response to make them non-executable.
aah
Action Items:
JSONSecure
Reply()
aah.conf
)]}',\n
The text was updated successfully, but these errors were encountered:
#158 Added support to prevent against Cross Site Script Inclusion (XS…
2773872
…SI) attacks (#169)
go-aah/aah#158 docs update
ad63f00
Done 😄
Sorry, something went wrong.
go-aah/aah#158 added secure json config
d87057a
4e0667c
jeevatkm
No branches or pull requests
Goal is to prevent against Cross Site Script Inclusion (XSSI) attacks on JSON response payload aka JSON vulnerability.
XSSI attack is only successful if the returned JSON response is executable as JavaScript.
aah
can add an option to prevent an attack by prefixing JSON response to make them non-executable.Action Items:
JSONSecure
onReply()
builderaah.conf
, default prefix value to)]}',\n
The text was updated successfully, but these errors were encountered: