Y
Hacker News
new
|
ask
|
show
|
jobs
by
randomaccount5
4994 days ago
There is an exploit made possible by returning 'unwrapped' json in response to GET's. This details it fairly nicely:
http://haacked.com/archive/2008/11/20/anatomy-of-a-subtle-js...