xss
JS |Xss defence question
I have a website where users can post comments. I want to know that if they find an xss hole, if they can still get the cookie data although it\'s httpOnly with some kind of XHTTPrequest, Ajax 开发者_[详细]
2023-04-06 17:30 分类:问答Is there risk to having unsanitized user input display in a textarea?
I save two versions of user input in the following sequence: Untrusted user enters raw markdown. Raw markdown is stored in one table.[详细]
2023-04-06 06:25 分类:问答Ajax.Request to external site: XSS or not?
I thought the below was not working because I was attempting XSS, but I tried performing a local port redirect to confirm, and it still wouldn\'t work. Can someone let me know if this is XSS or not, a[详细]
2023-04-05 20:48 分类:问答JSF please don't escape my html [duplicate]
This question already has an answer here: Component to inject and interpret String with HTML code into JSF page[详细]
2023-04-05 02:46 分类:问答Using BBCodes...Parse HTML or remove it altogether? (XSS/PHP)
I\'m creating a开发者_JAVA技巧 mini-forum in PHP and I want to allow user posts with limited text formatting and embedding images, but I want to do it securely (XSS-wise) and I was wondering what\'s t[详细]
2023-04-05 02:36 分类:问答Cross-domain communication with a frame within a frame
I have a page that includes another page on a different domain in an iframe. The page contained in the开发者_如何学运维 iframe is a frameset with another frame.[详细]
2023-04-04 23:40 分类:问答ensuring that iframed content cannot access parent via javascript
while i know that xss rules should apply to iframed content if the domain, protocol etc do not match, i was wondering if there is any way to further ensure that iframed content cannot access the paren[详细]
2023-04-03 11:46 分类:问答Avoiding XSS when echoing POSTed HTML
I have a web page which needs to do the following: dynamically create an HTML fragment using JavaScript[详细]
2023-04-03 03:58 分类:问答How to know, from what site server is getting request?
How i can avoid cross-site-scripting, by knowing, f开发者_StackOverflowrom what site user is requesting data?[详细]
2023-04-02 21:23 分类:问答PHP XSS Question / Clarification
This has been asked before but I need 100% 开发者_JS百科clarity on this issue as it\'s very important for me to get it right.[详细]
2023-04-02 16:20 分类:问答