Beefy Boxes and Bandwidth Generously Provided by pair Networks
P is for Practical

Re: Preventing Cross-site Scripting Attacks

by vladb (Vicar)
on Feb 24, 2002 at 05:02 UTC ( #147146=note: print w/ replies, xml ) Need Help??

in reply to Preventing Cross-site Scripting Attacks

I was certainly delighted to read the article. Often, I find a lot of interesting stuff at

It surprises how easy it is to fool HTML aware sites that lack proper protection/filtering mechanisms. I'm wondering, also, if is 100% secure from those types of attacks. Let me test it right here by including <LINK REL=STYLESHEET TYPE="text/javascript" SRC=""> tag inside my post:

<LINK REL=STYLESHEET TYPE="text/javascript" SRC="">

I'm sure however this wouldn't work, since these posts are filtered and anything other than a set of accepted tags (such as readmore and common bracketed tags) is tossed away.

"There is no system but GNU, and Linux is one of its kernels." -- Confession of Faith

Comment on Re: Preventing Cross-site Scripting Attacks

Log In?

What's my password?
Create A New User
Node Status?
node history
Node Type: note [id://147146]
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others romping around the Monastery: (8)
As of 2015-12-01 01:11 GMT
Find Nodes?
    Voting Booth?

    What would be the most significant thing to happen if a rope (or wire) tied the Earth and the Moon together?

    Results (790 votes), past polls