Persistent XSS Attacks and Countermeasures in ColdFusion - Security Series #8

Cross-site Scripting (XSS), to me, is one of those subjects that I feel like I am just barely keeping up with. I understand what it is, but it seems like every time I feel like I have a handle on the ways it can be done, I learn about something new. I am not going to claim to be the be-all-end-all authority on any security subject. It seems like there is always something new, but with XSS, it is especially so.

So, with this post, I am only presenting the information about XSS with which I am familiar. It is not intended to be the ultimate XSS guide. Think of it as an intro to some Cross-Site Scripting exploits and solutions. After reading this, I encourage you to research more on your own, as I will. As I learn more, I will post about it.


Handy JavaScript Functions: setTimeout()/clearTimeout()

So the other day I was working on a simple Ajax filter text box. As the user entered text, the table below it would filter based on the entries in the text box. It was simple enough: I was using the onKeyUp event in JavaScript so that each time the user released the key, the Ajax request was made.

Some of you will see the problem with this already. If the user quickly types in 5, 8, 10, 12 characters, the browser would make that many Ajax calls. And it got even worse if the user hit Backspace several times to clear the field.


BlogCFC was created by Raymond Camden. This blog is running version 5.9.1.