Understanding HTTPS warnings and error messages
If you have visited a HTTPS site and got an error message which you do not understand, then this article is for you. Here I cover the common errors encountered while browsing HTTPS sites.
If you have visited a HTTPS site and got an error message which you do not understand, then this article is for you. Here I cover the common errors encountered while browsing HTTPS sites.
So, today morning I received an email saying I received an Orkut scrap from a friend with contents “Bom Sabado”. Within a minute, I received the same scrap from another friend. Now getting the feeling that this must be some sort of worm, I decided to open Orkut with firebug logging enabled to see what was going on. It turns out that it’s a typical case of Cross-Site Scripting (XSS), the attacker can inject and execute its script from hxxp://tptools.org/worm.js and the contents of scrap are able to by-pass Orkut sanitization.
We all use HTTPS and vaguely understands it as a more secure form of communication. This article is aimed at better understanding of HTTPS and how secure it is.