Win a copy of Mastering Corda: Blockchain for Java Developers this week in the Cloud/Virtualization forum!

Neo Lo

+ Follow
since Jul 02, 2017
Cows and Likes
Total received
In last 30 days
Total given
Total received
Received in last 30 days
Total given
Given in last 30 days
Forums and Threads
Scavenger Hunt
expand Ranch Hand Scavenger Hunt
expand Greenhorn Scavenger Hunt

Recent posts by Neo Lo

I go through the OCMJEA wall of fame several times, but do not find any guidance about how to apply request.
As an Asian people, it is not easy to pass this exam because of our poor English.
So I want to share my name on this big forum for encouraging others.
Before Java EE 6 Enterprise Architect retired, I passed.
1Z0-865 takes me 3 month include studying UML and complete the assignment.
I submitted at 7/31/2020 and take 1Z0-866 at 8/3/2020.

next step -> find soft ware job at USA!
5 months ago

Jeanne Boyarsky wrote:I agree with you that D is more important than C. Without C, you don't have basic protection!

Yes, C is very important for web secure.
I think it's not so close to XSS attack, isn't it?
3 years ago
Hello everyone:
The following answer maybe wrong. May I ask some help here?

Which two measures are most effective in protecting websites from cross site scripting (XSS)
A. Escape “<” and “>” parameters that displayed or evaluated by the JavaScript interpreter.
B. URL-encode “<” and “>”parameters so they will never be evaluated by the JavaScript
C. Ensure that the session cookie is sent only on UTTPS connections.
D. Treat all user-supplied input as unsafe, and white list known good characters
E. Execute all user-supplied scripts in a server-side sandbox.
answer: CE.

I think DE is more correctly. AB is right, but not enough.
3 years ago