XSS Cross Site Scripting
It’s an XSS in most sites that uses the google search API with it’s generic results template. The api allows any encoding method to be used for output, and doesn’t sanitize until after the page has been converted.
Google.com uses the same API but it’s unaffected because it santizes in UTF8 before converting to the output encoding. It will be interesting to see how quickly this can be patched.
Friday, September 12, 2008
Thursday, September 4, 2008
Google's Chrome browser
Google's Chrome
Google released its first ever Internet browser in a long-awaited move that increased pressure on Microsoft and laid a new foundation for a mass transition to web-based computing.
A test version of the new software, named Google Chrome, was made available for download in more than 100 countries Tuesday. The open-source browser had been in secret development for over two years at the search engine giant.
Google released its first ever Internet browser in a long-awaited move that increased pressure on Microsoft and laid a new foundation for a mass transition to web-based computing.
A test version of the new software, named Google Chrome, was made available for download in more than 100 countries Tuesday. The open-source browser had been in secret development for over two years at the search engine giant.
Monday, September 1, 2008
Cloaking
Cloaking:
Serving different content to users than to Googlebot. This is a direct violation of Google's Webmaster Guidelines. As Google states, "Make pages primarily for users, not for search engines. Don't deceive your users or present different content to search engines than you display to users, which is commonly referred to as cloaking."
Serving different content to users than to Googlebot. This is a direct violation of Google's Webmaster Guidelines. As Google states, "Make pages primarily for users, not for search engines. Don't deceive your users or present different content to search engines than you display to users, which is commonly referred to as cloaking."
Subscribe to:
Posts (Atom)