Top "Xss" questions

Cross-site scripting (XSS) is a type of computer security vulnerability typically found in web applications that enables malicious attackers to inject client-side script into web pages viewed by other users.

How can I sanitize user input with PHP?

Is there a catchall function somewhere that works well for sanitizing user input for SQL injection and XSS attacks, while …

php security xss sql-injection user-input
What is the http-header "X-XSS-Protection"?

So I've been toying around with HTTP for fun in telnet now (i.e. just typing in telnet google.com 80 …

http http-headers xss
How to prevent XSS with HTML/PHP?

How do I prevent XSS (cross-site scripting) using just HTML and PHP? I've seen numerous other posts on this topic …

php xss
How do you configure HttpOnly cookies in tomcat / java webapps?

After reading Jeff's blog post on Protecting Your Cookies: HttpOnly. I'd like to implement HttpOnly cookies in my web application. …

java security cookies xss httponly
How do you use window.postMessage across domains?

It seems like the point of window.postMessage is to allow safe communication between windows/frames hosted on different domains, …

javascript html google-chrome xss
XSS prevention in JSP/Servlet web application

How can I prevent XSS attacks in a JSP/Servlet web application?

java security jsp servlets xss
WARNING: sanitizing unsafe style value url

I want to set the background image of a DIV in a Component Template in my Angular 2 app. However I …

typescript angular xss
How to pass parameters to a Script tag?

I read the tutorial DIY widgets - How to embed your site on another site for XSS Widgets by Dr. …

javascript parameters widget xss script-tag
How do you set up use HttpOnly cookies in PHP

How can I set the cookies in my PHP apps as HttpOnly cookies?

php security cookies xss httponly
Sanitizing user input before adding it to the DOM in Javascript

I'm writing the JS for a chat application I'm working on in my free time, and I need to have …

javascript xss escaping