HowTo:Protect Your Users by Ensuring that Data Never Executes as Code

From AgileApps Support Wiki
Revision as of 21:16, 26 June 2012 by imported>Aeric

A Cross-Site Scripting (XSS) attack is one in which a script is entered into the data stream. Then, when the data is displayed, the script executes. This guide explains how an XSS attack works, and shows you how to guard against it.
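The difference between data that is displayed and data that executes, as an added example that is not part of the original page or of the AgileApps platform code. The record, field names and function names are constructed for illustration; the second field shows that output encoding also keeps legitimate characters such as `&` and quotes intact.

```javascript
// Added example: constructed record and hypothetical function names.
// The "name" field holds markup where a plain name was expected.
const storedRecord = {
  name: '<script>alert("xss")</script>',
  company: 'Smith & Sons "West"', // legitimate data with special characters
};

// Vulnerable: stored values are concatenated straight into the page,
// so the browser parses them as markup instead of showing them as text.
function renderUnsafe(record) {
  return '<td title="' + record.company + '">' + record.name + '</td>';
}

// Characters that can change how the browser parses the surrounding HTML.
const HTML_ESCAPES = {
  '&': '&amp;',
  '<': '&lt;',
  '>': '&gt;',
  '"': '&quot;',
  "'": '&#39;',
};

// Single-pass replacement, so an already-produced '&amp;' is never
// escaped a second time within the same call.
function escapeHtml(value) {
  return String(value).replace(/[&<>"']/g, (ch) => HTML_ESCAPES[ch]);
}

// Hardened: every stored value is encoded at the point of output,
// in both the attribute and the element body.
function renderSafe(record) {
  return '<td title="' + escapeHtml(record.company) + '">' +
    escapeHtml(record.name) + '</td>';
}

console.log('unsafe:', renderUnsafe(storedRecord));
console.log('safe:  ', renderSafe(storedRecord));
```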

Inserting a Script as Data

To start, let's see how such an attack works.