Top "Xss" questions

Cross-site scripting (XSS) is a type of computer security vulnerability typically found in web applications that enables malicious attackers to inject client-side script into web pages viewed by other users.

Can session storage be safe?

I would like to use session storage to query user data in the database only once and then simply use …

javascript session html storage xss
php - is FILTER_SANITIZE_EMAIL pointless?

I am just creating a registration form, and I am looking only to insert valid and safe emails into the …

php xss
Codeigniter - Disable XSS filtering on a post basis

I'm trying to set up a CMS on the back of a site but whenever post data has a <…

codeigniter xss
Why is cross-domain Ajax a security concern?

Why was it decided that using XMLHTTPRequest for doing XML calls should not do calls across the domain boundary? You …

ajax security xss
Today's XSS onmouseover exploit on twitter.com

Can you explain what exactly happened on Twitter today? Basically the exploit was causing people to post a tweet containing …

javascript jquery security twitter xss
Input sanitization in ReactJS

I am using ReactJS to develop a simple chat application. Could someone help me to sanitize the input? There is …

reactjs xss sanitization input-sanitization
How good is the Rails sanitize() method?

Can I use ActionView::Helpers::SanitizeHelper#sanitize on user-entered text that I plan on showing to other users? E.g., …

ruby-on-rails xss sanitize
AntiXSS in ASP.Net Core

Microsoft Web Protection Library (AntiXSS) has reached End of Life. The page states "In .NET 4.0 a version of AntiXSS was …

xss asp.net-core-1.0
Cross site scripting attacks and same origin policy

I am familiar with the persistent and non-persistent XSS. I also know about Same origin policy that prevents/restricts requests …

xss same-origin-policy
Why and When to use Django mark_safe() function

After reading the document, the function of mark_safe() is still unclear. I guess it is related to CSRF stuff. …

python django django-templates xss