
Stop Those XSS Cookie Bandits iRule Style - joepruitt
http://devcentral.f5.com/weblogs/Joe/archive/2008/08/29/stop-those-xss-cookie-bandits-irule-style.aspx
======
tptacek
So, if you have $25,000 to blow on a Big-IP, you can get an XSS countermeasure
that doesn't keep attackers from hijacking sessions, and doesn't prevent them
from harvesting cookies on Firefox and Safari.

