DevelopSec Podcast #81 - JavaScript in HREF and SRC

We talk about cross-site scripting (XSS) all the time, but often overlook the ability to use javascript: in anchor tags.  James talks about this unique ability and how to protect your applications from it. 
 
 
 
 
 
DevelopSec provides application security consulting and training to add value to your application security program. Contact us today to see how we can help.