[security-dev] OAuth 2.0 and the Road to XSS: attacking Facebook Platform

Bill Burke bburke at redhat.com
Fri Apr 12 17:38:09 EDT 2013


Before I read this, I think the XSS attacks are centered around the
public OAuth protocols; one-way SSL + confidential clients pretty much
protect against these issues, IIRC.

On 4/12/2013 4:28 PM, Bruno Oliveira wrote:
> Interesting presentation: http://conference.hitb.org/hitbsecconf2013ams/materials/D2T1%20-%20Andrey%20Labunets%20and%20Egor%20Homakov%20-%20OAuth%202.0%20and%20the%20Road%20to%20XSS.pdf
>
>

-- 
Bill Burke
JBoss, a division of Red Hat
http://bill.burkecentral.com

