[cvs] [Wiki] changed: SecurityMeasures
Wiki Guest
wikiguest at horde.org
Thu Nov 2 00:13:39 PST 2006
guest [202.141.151.78] Thu, 02 Nov 2006 00:13:38 -0800
Modified page: http://wiki.horde.org/SecurityMeasures
New Revision: 1.4
Change log: nothing
@@ -1,7 +1,7 @@
+ Security Measures
All Horde software is developed with strict coding standards and under continuous peer review. It's in development for 7 years and being reviewed for security issues by user, administrators, security experts and developers constantly.
-We have active measures against common web application flaws like session fixation and cross site scripting.
+We have active measures against common web application flaws like session fixation and cross site scripting.Something very interesting might happen.
The only piece of code that needs regular updates to fix XSS holes is the HTML MIME viewer that is used to view HTML messages in IMP. The reason is that people still find new ways to trick browsers, especially Internet Explorer, to execute script code every other day. Thus this viewer is disabled by default. Our filter is still one of the best available though, so other projects are using it in their applications too.
More information about the cvs
mailing list