DevOps Articles

Curated articles, resources, tips and trends from the DevOps World.

Cross-Site Scripting (XSS) Attack Remediation

6 years ago dzone.com

Summary: This is a summary of an article originally published by the source.

Preventing XSS

Several factors should be considered when defending against XSS attacks, for example:

  • The type of input in the HTTP request
  • The locations in the HTML document where the data will be included

Note

  • A defense that works in one context (such as an HTML attribute) might not work in another context (such as a JavaScript variable assignment).
  • A defense that works with one kind of input (such as input validation and output encoding for a username) will not work with other kinds of input (such as untrusted HTML, which needs sanitization).

Use a different output encoding function depending on where the untrusted data is inserted into the webpage!
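
The rule above, as an added example that is not from the original article or this summary: one encoder per output context, applied to the same untrusted value. The function names and the sample input are assumptions constructed for illustration.

```javascript
// Added example: one encoder per output context (function names are hypothetical).

// HTML element content: encode the characters that can start a tag or an entity.
function encodeForHtml(s) {
  const map = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#x27;' };
  return String(s).replace(/[&<>"']/g, (c) => map[c]);
}

// Quoted HTML attribute value: encode every non-alphanumeric as &#xHH;.
function encodeForHtmlAttribute(s) {
  return String(s).replace(/[^A-Za-z0-9]/gu,
    (c) => `&#x${c.codePointAt(0).toString(16).toUpperCase()};`);
}

// JavaScript string literal: encode every non-alphanumeric code unit as \uXXXX.
function encodeForJsString(s) {
  return String(s).replace(/[^A-Za-z0-9]/g,
    (c) => '\\u' + c.charCodeAt(0).toString(16).toUpperCase().padStart(4, '0'));
}

// Constructed sample input: markup characters, both quote styles, a backslash, a newline.
const SAMPLE = 'a<b "c" \'d\' \\ e\n';

// Place the same untrusted value into three contexts, each with its own encoder.
function render(untrusted) {
  return {
    body: `<p>${encodeForHtml(untrusted)}</p>`,
    attr: `<input value="${encodeForHtmlAttribute(untrusted)}">`,
    script: `<script>var name = '${encodeForJsString(untrusted)}';</script>`,
  };
}

// Characters that still have meaning inside a JS string literal after HTML
// encoding: the HTML encoder was never designed to handle them.
function leftoverForJs(untrusted) {
  return [...encodeForHtml(untrusted)].filter((c) => c === '\\' || c === '\n' || c === '\r');
}

console.log(render(SAMPLE));
console.log(leftoverForJs(SAMPLE));
```

For the sample input, `leftoverForJs` returns the backslash and the newline: both pass through the HTML encoder unchanged, which is why the JavaScript context needs its own encoder.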
