Computerworld

IE URI encoding behavior facilitates XSS attacks, researchers say

An inconsistency in how Microsoft’s Internet Explorer (IE) encodes double quotes in URIs (uniform resource identifiers) can facilitate cross-site scripting (XSS) attacks, researchers from security ...
Ars Technica

Saving/encoding free-form text from webapp in URI?

I have a web application that allows the user to enter a query that gets sent to a backend server for processing. I would like to give the ability to link to this webapp such that the query is ...