Tuesday, October 15, 2019
Firefox Blocks Inline and Eval JavaScript on Internal Pages to Prevent Injection Attacks
In an effort to mitigate a large class of potential cross-site scripting issues in Firefox, Mozilla has blocked execution of all inline scripts and potentially dangerous eval-like functions for built-in “about: pages” that are the gateway to sensitive preferences, settings, and statics of the browser. Firefox browser has 45 such internal locally-hosted about pages, some of which are listed 
Subscribe to:
Post Comments (Atom)
Popular Posts
-
Threat actors are exploiting ProxyLogon and ProxyShell exploits in unpatched Microsoft Exchange Servers as part of an ongoing spam campaign
-
Following the release of iOS 10.3.2 on May 15, Apple has stopped signing iOS 10.3.1, the previous version of iOS that was available to consu...
No comments:
Post a Comment