Beefy Boxes and Bandwidth Generously Provided by pair Networks
Welcome to the Monastery
 
PerlMonks  

Re: Preventing Cross-site Scripting Attacks

by vladb (Vicar)
on Feb 24, 2002 at 05:02 UTC ( [id://147146]=note: print w/replies, xml ) Need Help??


in reply to Preventing Cross-site Scripting Attacks

I was certainly delighted to read the article. Often, I find a lot of interesting stuff at www.securityfocus.com.

It surprises how easy it is to fool HTML aware sites that lack proper protection/filtering mechanisms. I'm wondering, also, if perlmonks.com is 100% secure from those types of attacks. Let me test it right here by including <LINK REL=STYLESHEET TYPE="text/javascript" SRC=""> tag inside my post:

<LINK REL=STYLESHEET TYPE="text/javascript" SRC="">

I'm sure however this wouldn't work, since these posts are filtered and anything other than a set of accepted tags (such as readmore and common bracketed tags) is tossed away.

"There is no system but GNU, and Linux is one of its kernels." -- Confession of Faith

Log In?
Username:
Password:

What's my password?
Create A New User
Domain Nodelet?
Node Status?
node history
Node Type: note [id://147146]
help
Chatterbox?
and the web crawler heard nothing...

How do I use this?Last hourOther CB clients
Other Users?
Others lurking in the Monastery: (6)
As of 2024-03-19 08:02 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    No recent polls found