Common safety prevention against XSS
Cross-site Scripting (XSS) Attack
"Cross-site Scripting (XSS) refers to client-side code injection attack wherein an attacker can execute malicious scripts (also commonly referred to as a malicious payload) into a legitimate website or web application. XSS is amongst the most rampant of web application vulnerabilities and occurs when a web application makes use of unvalidated or unencoded user input within the output it generates."
How it works
Preventions
- Basic input validation in client-side code
- Strong input validation in server-side code, including retrieving all possible valid input validations from the database to validate the input
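
A sketch of the server-side item above, added here as an example and not taken from the source article: permitted values are loaded from a database and every request is checked against them, then output is encoded as well, since the definition quoted earlier names unencoded input as a cause. The in-memory SQLite table `allowed_category` and the field names `category` and `display_name` are assumptions made for illustration.

```python
import html
import re
import sqlite3

# Constructed sample data: an in-memory table standing in for the
# application's database of permitted values (hypothetical schema).
def open_sample_db():
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE allowed_category (name TEXT PRIMARY KEY)")
    db.executemany("INSERT INTO allowed_category VALUES (?)",
                   [("books",), ("music",), ("games",)])
    return db

def load_allowed_categories(db):
    """Fetch every permitted value; the server, not the browser, owns this list."""
    return {row[0] for row in db.execute("SELECT name FROM allowed_category")}

# Free-text field: strict format check (letters, digits, space, . ' _ -; 1-30 chars).
DISPLAY_NAME_RE = re.compile(r"[A-Za-z0-9 .'_-]{1,30}")

def validate_request(params, allowed_categories):
    """Return (clean_values, errors). Runs server-side regardless of client checks."""
    errors, clean = [], {}
    category = params.get("category", "")
    if category in allowed_categories:
        clean["category"] = category
    else:
        errors.append("category")
    name = params.get("display_name", "")
    if DISPLAY_NAME_RE.fullmatch(name):
        clean["display_name"] = name
    else:
        errors.append("display_name")
    return clean, errors

def render_greeting(clean):
    """Encode on output too: a value that passed validation can still hold markup characters."""
    return "<p>Hello {}, browsing {}</p>".format(
        html.escape(clean["display_name"], quote=True),
        html.escape(clean["category"], quote=True))

def render_error(errors):
    """Name the rejected fields only; the rejected value is never echoed back."""
    return "<p>Invalid field(s): {}</p>".format(html.escape(", ".join(errors)))
```
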
Source Article:
https://www.acunetix.com/websitesecurity/cross-site-scripting