assertnotnull
commented
8 years ago Use ConDOMs (Content Delivery Origin Managers)
Open jameslaydigital opened 9 years ago
assertnotnull
commented
8 years ago Use ConDOMs (Content Delivery Origin Managers)
Unlike CSS et al, requesting DICSS from untrusted origins opens opportunities for infection. CDNs that offer shared DICSS are also likely vectors for infection. We need to discuss ways to mitigate the consequences of cross-site injection.
XSS attacks can easily lead to sack overflows. Even with non-blocking DICSS, application will freeze. Additionally, sometimes DICSS is susceptible to general insecurities after a denial of service.