Re^3: Test Driven Development, for software and for pancakes

I offer 3. through the client or transport layer if mishandled at the code level. There have been some really esoteric bugs like the UTF-7 XSS exploit in older IEs. Not a lot of devs know/knew that even doing something as seemly harmless, and rampantly common, as character encoding improperly could be a security hole.

Comment on Re^3: Test Driven Development, for software and for pancakes

Replies are listed 'Best First'.
Re^4: Test Driven Development, for software and for pancakes by talexb (Chancellor) on Jul 24, 2017 at 15:56 UTC
.. in older IEs .. Since IE is a Microsoft browser that only runs on Microsoft operating systems, my thinking is that this still falls under the second of my vectors, and is an extension of the operating system. As part of the testing of each version of Windows, it makes sense that Microsoft would test all versions of IE under each version of Windows. Whether or not each browser version and each operating system version is supported, may be open to question or interpretation. Alex / talexb / Toronto Thanks PJ. We owe you so much. Groklaw -- RIP -- 2003 to 2013.	[reply]
Re^5: Test Driven Development, for software and for pancakes by Your Mother (Archbishop) on Jul 24, 2017 at 16:28 UTC
Strangely enough there was a court case to decide this. M$FT said IE was a part of the OS, court said, nope. :P Though perhaps not unlike tomatoes. Sure they are really fruit but they are legally a vegetable. Human beings are weird.	[reply]