Cross site scripting « Kurinchi Blogger Scribbles … :: Kurinchilamp: Blog on Linux Apache MySQL PHP and Softwares

Posts Tagged ‘Cross site scripting’

Jun 18

2009

Cross site scripting Attack – XSS

Last updated: July 27th, 2009

Cross-Site Scripting (XSS) is the method of code injection whereby a malicious user injects code (html, javascript) which would get executed from the site on the users browser. When Google finds this, it will show up a warning message in its search results if the users had searched for a specific term for which your site is indexed. This can harm your user base.

XSS attacks are classified as
- Persistent attacks
- Non-persistent attacks
(more…)

Tags: cookie hijacking, Cross site scripting, malicious attack, non-persistent attack, persistent attack, XSS
Posted in PHP, Security | No Comments »

May 17

2009

PHP XSS: htmlspecialchars vs. htmlentities

Last updated: May 18th, 2009

Cross site scripting XSS is a term used to refer attacks or loop holes present in the scripting used by websites favoring hackers to exploit this path towards identity theft or phishing.

In PHP, two functions are mainly used to circumvent XSS attacks.
i) htmlspecialchars
ii) htmlentities
(more…)

Tags: Cross site scripting, htmlentities, htmlspecialchars, html_safe library, Pear library, XSS
Posted in PHP, Security | 1 Comment »

M	T	W	T	F	S	S
« Dec
		1	2	3	4	5
6	7	8	9	10	11	12
13	14	15	16	17	18	19
20	21	22	23	24	25	26
27	28	29

RSS

Kurinchi Blogger Scribbles …

On Open Source Technologies

Posts Tagged ‘Cross site scripting’

PHP XSS: htmlspecialchars vs. htmlentities