[security-dev] OAuth 2.0 and the Road to XSS: attacking Facebook Platform

Bill Burke bburke at redhat.com
Fri Apr 12 17:38:09 EDT 2013

Before I read this, I think the XSS attacks are centered around the 
public OAuth protocols, one-way SSL + confidential clients pretty much 
protect against these issues, IIRC.

On 4/12/2013 4:28 PM, Bruno Oliveira wrote:
> Interesting presentation: http://conference.hitb.org/hitbsecconf2013ams/materials/D2T1%20-%20Andrey%20Labunets%20and%20Egor%20Homakov%20-%20OAuth%202.0%20and%20the%20Road%20to%20XSS.pdf

Bill Burke
JBoss, a division of Red Hat

More information about the security-dev mailing list