Good Day ! I feel really frustrated today since I have been looking for a good solution for an XSS attack Vulnerability but hadn’t found one that would completely get me rid of it…
Please if you have any ideas, comment below. Thanks!
Good Day ! I feel really frustrated today since I have been looking for a good solution for an XSS attack Vulnerability but hadn’t found one that would completely get me rid of it…
Please if you have any ideas, comment below. Thanks!
What did your research tell you about XSS (Cross site scripting)?
I would imagine the best way to completely avoid it is have no input forms on your website!
The best approach is to just not use any user-entered content. But if you must display/use user-entered content, the layered approach is the next best.
<script>
tags for example. This is just to prevent snooping, any serious hacker won’t be stopped by client-side validation.<script>whatever</script>
rather than executing it as plain HTML. There are a number of well-respective libraries and approaches out there to help you with this.The 2nd and 3rd solutions could be done by themselves to prevent most if not all attacks, but having security on both ends is far better than relying on only 1 true defense. The 1st suggestion is primarily to make it harder for a usual person from trying it out. It’s like a fence at any secure location, it wont protect from a tank, but will prevent the average person from just walking in.
The best approach is to just not use any user-entered content. But if you must display/use user-entered content, the layered approach is the next best one