On Jul 26, 2007, at 2:28 AM, Fady Anwar wrote: > A white paper about how to counter attack XSS attacks using AJAX > programming techniques > http://barmagy.com/blogs/infinite_loop/archive/2007/07/20/498.aspx Failed assumptions = Flawed solutions. Signing <script> tags? Ow. LOL. Ow. See: http://ha.ckers.org/xss.html While you're there, learn how to forge GET/POST requests. -Bop