Re: [WEB SECURITY] Universal XSS with PDF files: highly dangerous
A slashdot user suggested the following
"One possible work around on the server side:
Direct your web server to serve .pdf files as mime type "application/octet"
That way the files will be saved to disk instead of opening in the browser plug
in."
URL:
http://it.slashdot.org/comments.pl?sid=214868&threshold=1&commentsort=0&mode=thread&cid=17450834
This may cause undesired effects on certain browsers on the otherhand.
- Robert
http://www.cgisecurity.com/ Website Security news, and more
http://www.cgisecurity.com/index.rss [RSS Security Feed]