ngx_xss: Native support for cross-site scripting in an nginx
Michael Shadle
mike503 at gmail.com
Fri Jan 29 00:15:54 MSK 2010
It is probably best to interact with ajax - then there is no middle
tier of php, python, whatever. Slimming the stack down a bit... That
being said I would be really cautious as to what you expose through it
of course.
Sent from my iPhone
On Jan 28, 2010, at 1:11 PM, Tobia Conforto <tobia.conforto at gmail.com>
wrote:
> agentzh wrote:
>> I'm delighted to announce the first release of our new module,
>> ngx_xss. This output filter module adds native support for simple
>> cross-site AJAX to the nginx server. Currently only cross-site GET
>> is implemented, but cross-site POST support is on our TODO list.
>
> Am I the only one wondering what's the use of this module? It seems
> to just add a string and a pair of parentheses around the response.
> Can't you do that on the backend, assuming you have some sort of
> backend? Or on the client side, if the response is to be parsed by
> some client-side javascript?
>
> I don't mean to belittle your effort, I'm just curious!
>
> Tobia
> _______________________________________________
> nginx mailing list
> nginx at nginx.org
> http://nginx.org/mailman/listinfo/nginx
More information about the nginx
mailing list