XSS vulnerabilities form the most basic in security concept and is basically a subclass of code injection. XSS comes in three forms
finding and exploiting these type of vulnerabilities are very common. now comes the question on how to
protect against them
.To protect the web application again XSS vulnerability some people simple escape the tags.Thought it is effective but it leads to loss of functionality in cases. cause now a user cant post out a comment. to escape from situations like these the concept of html encoding was introduced. HTML Encoding renders text in such format that the text is only displayed but not processed by the scripting engine of the browser.
No comments:
Post a Comment