Developsec: Developing Security Awareness

We talk about cross-site scripting (XSS) all the time, but often overlook the ability to use javascript: in anchor tags.  James talks about this unique ability and how to protect your applications from it.  The related blog post for this can be found at https://www.developsec.com/2017/09/06/javascript-in-an-href-or-src-attribute/ Want to listen on YouTube?  Check out our channel where we are releasing episodes starting from episode 1 at https://www.youtube.com/channel/UCdAqgfdGs0-hPa8FhsODwNw For more info go to https://www.developsec.com or follow us on twitter (@developsec). Join the conversations.. join our slack channel.  Email james@developsec.com for an invitation. DevelopSec provides application security consulting and training to add value to your application security program. Contact us today to see how we can help.