Web Application Security (thread)

Is URL encoding required., Sharma, Amit, 2006/11/27
Fwd: SF new column announcement: A Hard Lesson in Privacy, Andrew van der Stock, 2006/11/27
[Full-disclosure] The state of JavaScript Hacking, pdp (architect), 2006/11/27
- Re: [Full-disclosure] The state of JavaScript Hacking, Martin Johns, 2006/11/27
- Re: [WEB SECURITY] The state of JavaScript Hacking, bugtraq, 2006/11/28
RE: [WEB SECURITY] Sesion hijacking impossible with SSL client authentication?, Boaz Shunami, 2006/11/26
- Re: [WEB SECURITY] Sesion hijacking impossible with SSL client authentication?, ed, 2006/11/27
[Full-disclosure] AttackAPI 2.0 alpha, pdp (architect), 2006/11/25
[Full-disclosure] CSRF with MS Word, David Kierznowski, 2006/11/24
Re: Enumerate Web Virtual Site, pagvac, 2006/11/19
Re: [WEB SECURITY] Java Swing Application Security, Jeff Robertson, 2006/11/16
Challenges faced by automated web application security assessment tools, bugtraq, 2006/11/14
SIFT Web Services Security Testing Framework, Paul Theriault, 2006/11/13
Ajax Security presentation from OWASP meeting, Andrew van der Stock, 2006/11/09
Files upload security considerations, Alexander Berezhnoy, 2006/11/09
- Re: Files upload security considerations, Cleiton Martins, 2006/11/09
- Re: Files upload security considerations, ed, 2006/11/09
  - Re: Files upload security considerations, Peter Butler, 2006/11/11
    - Re: Files upload security considerations, ed, 2006/11/13
- Re: Files upload security considerations, c0redump, 2006/11/09
- Re: Files upload security considerations, c0redump, 2006/11/09
  - Re: Files upload security considerations, Hemil, 2006/11/11
RSS Injection in Sage part 2, David Kierznowski, 2006/11/08
[Full-disclosure] SQL Injection with cursors?, Andres Molinetti, 2006/11/08
- RE: [Full-disclosure] SQL Injection with cursors?, Maxime Ducharme, 2006/11/08
Call for papers: ARES 2007 submission deadline approaches in 2 weeks: 19-11-2006, Manh Tho, 2006/11/08
.NET Web Service Validation, Michael Eddington, 2006/11/06
New version of Reform encoding library, Michael Eddington, 2006/11/06
XSS Shell v0.3.9, Ferruh Mavituna, 2006/11/05
How to find the login name of a user accessing my website, Anurag Agarwal, 2006/11/05
- Re: How to find the login name of a user accessing my website, ed, 2006/11/05
- Re: How to find the login name of a user accessing my website, Dhruv Soi, 2006/11/05
- RE: How to find the login name of a user accessing my website, Maxime Ducharme, 2006/11/06
EUSecWest/London CFP extended to Nov. 7, Dragos Ruiu, 2006/11/02
Educational write-up by Amit Klein: "A Refreshing Look at Redirection", Amit Klein, 2006/11/02
Cannibals are what they eat, David Glosser, 2006/11/02
Re: Fuzzer Sources, crazy frog crazy frog, 2006/11/01
Re: Search Engine for Security and eSecurity Community, Stefano Di Paola, 2006/11/01
- Re: Search Engine for Security and eSecurity Community, Saqib Ali, 2006/11/01
- Re: Search Engine for Security and eSecurity Community, Rory McCune, 2006/11/01
Re: Why doesn't Amazon enforce a password policy?, Tom Whiting, 2006/11/01
- Re: Why doesn't Amazon enforce a password policy?, Jeff Robertson, 2006/11/01
- RE: Why doesn't Amazon enforce a password policy?, James Strassburg, 2006/11/01
  - Re: Why doesn't Amazon enforce a password policy?, Jeff Robertson, 2006/11/01
    - Re: Why doesn't Amazon enforce a password policy?, Gunnar Rene Øie, 2006/11/02
    - Re: Why doesn't Amazon enforce a password policy?, Gunnar Rene Øie, 2006/11/02
- RE: Why doesn't Amazon enforce a password policy?, Brooks, Shane, 2006/11/01
- Re: Why doesn't Amazon enforce a password policy?, Jamie Riden, 2006/11/01
- RE: Why doesn't Amazon enforce a password policy?, Jason Gregson, 2006/11/01