Beefy Boxes and Bandwidth Generously Provided by pair Networks
Pathologically Eclectic Rubbish Lister
 
PerlMonks  

Re: Preventing Cross-site Scripting Attacks

by vladb (Vicar)
on Feb 24, 2002 at 05:02 UTC ( #147146=note: print w/ replies, xml ) Need Help??


in reply to Preventing Cross-site Scripting Attacks

I was certainly delighted to read the article. Often, I find a lot of interesting stuff at www.securityfocus.com.

It surprises how easy it is to fool HTML aware sites that lack proper protection/filtering mechanisms. I'm wondering, also, if perlmonks.com is 100% secure from those types of attacks. Let me test it right here by including <LINK REL=STYLESHEET TYPE="text/javascript" SRC=""> tag inside my post:

<LINK REL=STYLESHEET TYPE="text/javascript" SRC="">

I'm sure however this wouldn't work, since these posts are filtered and anything other than a set of accepted tags (such as readmore and common bracketed tags) is tossed away.

"There is no system but GNU, and Linux is one of its kernels." -- Confession of Faith


Comment on Re: Preventing Cross-site Scripting Attacks

Log In?
Username:
Password:

What's my password?
Create A New User
Node Status?
node history
Node Type: note [id://147146]
help
Chatterbox?
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others musing on the Monastery: (14)
As of 2015-07-28 17:54 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    The top three priorities of my open tasks are (in descending order of likelihood to be worked on) ...









    Results (258 votes), past polls