Chris Eng

Squashing Ants: The Dynamics of XSS Remediation

By Chris EngIs anyone else getting tired of hearing excuses from customers — and worse yet, the security community itself — about how hard
it is to fix cross-site scripting (XSS) vulnerabilities? Oh, come on.
Fixing XSS is like squashing ants, but some would have you believe it’s
more like slaying dragons. I haven’t felt inspired to write a blog
post in a while, but every once in a while, 140 characters just isn’t
enough. Grab your cup of coffee, because I may get a little rambly.