Cross-site scripting (XSS) is a type of computer security vulnerability typically found in web applications that enables malicious attackers to inject client-side script into web pages viewed by other users.
I have a question regarding a potential security issue/limitation regarding JavaScript hosted on a domain (ex: domain of a …
javascript security xss same-origin-policySometimes, server side will generate strings to be embedded in inline JavaScript code. For example, if "UserName" should be generated …
javascript html xss encodeI have a simple forums application, when someone posts any content, i do: post.Content = Sanitizer.GetSafeHtml(post.Content); Now, …
asp.net .net security xss antixsslibraryI'm using Chrome Version 31.0.1650.63 m. Recently, I've noticed a few errors being thrown in the Chrome developer console, but nothing …
google-chrome youtube xss x-frame-optionsI'm putting together a site that will make itself available for user input. I was wondering if writing a function …
php security xssI'm trying to map out how the Play framework supports escaping. This is a nice page spelling out the needed …
java security escaping xss playframeworkI am creating an android web app using Webview and Javascript making addJavascriptInterface(true). My App will content data(html) …
javascript android webview xss malwareThis question is relating to the code window.location = window.location as a method to refresh the page and is …
javascript xss window.locationI need to use the Encode.forHtml() in a js file. i'm using the jar Recommended by OWASP - encoder-1.2.…
javascript xss owasp esapi cross-site