Outline Cross-site scripting, cont’d CSci 5271 More cross-site risks Introduction to Computer Security Announcements intermission Web security and crypto failure combined Confidentiality and privacy lecture Stephen McCamant Even more web risks University of Minnesota, Computer Science & Engineering More crypto protocols More causes of crypto failure

Filter failure: one-pass delete Filter failure: UTF-7

You may have heard of UTF-8 Encode Unicode as 8-bit bytes Simple idea: remove all occurrences of