Security has been much of a concern for a long time and so it is important that you secure your web apps in the right away and you add the right amount of security.
Cross Site Scripting (XSS) is one of the most common vulnerability that most of the sites out there have got. It seems that about 65% of the websites over the internet are vulnerable to XSS. So why don't you just add your site to the rest 35%.
In this video showing you a demo on how XSS is performed and how you could prevent that.
Cross Site Scripting (XSS) is one of the most common vulnerability that most of the sites out there have got. It seems that about 65% of the websites over the internet are vulnerable to XSS. So why don't you just add your site to the rest 35%.
YOU MIGHT ALSO LIKE : What is And How To Prevent Session Hijacking in PHP
Basic Principle :
The Basic principle behind XSS attacks is that if the user has got a text area to enter some details in it and pass it in a form and if you don't monitor the data that the user enters then he would be able to add HTML tags and even inject Javascript ! So you need to filter the data to make sure that the user input is free of Javascript for sure and the HTML part is just your wish. So take a look into the video to get to know on how to prevent the user from entering some Javascript into the input fields.
The Awesome Google Chrome :
If you are going to try XSS on Google Chrome you are going to fail even if the developer has not added any kind of data sanitization. This is because Chrome has some inbuilt stuff that prevents the users from entering Javascript into the input fields. But rest of the browsers out there are vulnerable to this attack. So it is even safer to use Chrome when you browse.
So maybe I'd be making more such videos in the future on PHP Security. Safe Coding :)
0 comments:
Post a Comment