The World Wide Web Security FAQ

Lincoln D. Stein <lstein@cshl.org>  & John N. Stewart <jns@digitalisland.net>

Version 3.1.2, February 4, 2002


This information is provided by Lincoln Stein (lstein@cshl.org) and John Stewart (jns@digitalisland.net). The World Wide Web Consortium (W3C) hosts this document as a service to the Web Community; however, it does not endorse its contents. For further information, please contact Lincoln Stein or John Stewart, directly.

[down]Table of Contents Forward to Introduction>>


  1. version 3.1.2, added Lithuanian mirror site.
  2. version 3.1.1, fixed a vulnerability introduced by the untainting a variable example.


The master copy of this document can be found at https://www.w3.org/Security/Faq/.

See this page for a listing of mirror sites or if you are interested in becoming a mirror site yourself.


  1. Introduction
  2. What's New?
  3. General Questions
  4. Client Side Security
  5. Server Side Security
  6. CGI Scripts
  7. Protecting Confidential Documents at Your Site
  8. Denial of Service Attacks
  9. Bibliography

Corrections and Updates

We welcome bug reports, updates, reports about broken links, comments and outright disagreements. Please send your comments to lstein@cshl.org and/or jns@digitalisland.net. Please make sure that you are referring to the most recent version of the FAQ (maintained at https://www.w3.org/Security/Faq/); someone else might have caught the problem before you.

Please understand that we maintain the FAQ on a purely voluntary basis, and that we may fall behind on making updates when other responsibilities intrude. You can help us out by making an attempt to identify replacement links when reporting a broken one, and by suggesting appropriate rewording when you have found an error in the text. Suggestions for new questions and answers are welcomed, particularly if you are willing to contribute the text yourself. ;-)
^Table of Contents Forward to Introduction>>

Lincoln D. Stein (lstein@cshl.org) and John N. Stewart (jns@digitalisland.net)

$Id: index.html,v 1.13 2002/02/04 18:59:43 lstein Exp $