- From: Shawn Duffy <sduffy@aol.net>
- Date: Thu, 05 Apr 2007 10:44:13 -0400
- To: "Close, Tyler J." <tyler.close@hp.com>
- CC: public-wsc-wg@w3.org
Does this also include phishing that is only made possible via XSS, such as a "trusted" site that has been injected with a fake login form via XSS? Is that also out of scope? Just want to make sure I'm clear where we're drawing the boundary... Close, Tyler J. wrote: > I've added a new Out of scope section to our Note to cover XSS attacks. > See: > > http://www.w3.org/2006/WSC/drafts/note/#XSS > > This edit addresses ACTION-160 > > Tyler >
Received on Thursday, 5 April 2007 14:44:58 UTC