Yorkville High School Computer Science Department
Yorkville High School Computer Science Department on Facebook  Yorkville High School Computer Science Department Twitter Feed  Yorkville High School Computer Science Department on Instagram

Yorkville High School Computer Science

ASSIGNMENTS: Compiler Part 1 - November 19, 2018 :: Challenges 6 - November 19, 2018 :: Compiler Part 2 - December 3, 2018 >>

Computer Security :: Lessons :: Cross-Site Scripting

Cross-Site Scripting

Javascript is another vector that can be used to attack a web application. Cross-site scripting (XSS) are the Javascript version of an injection attack. Malicious scripts are injected into trusted websites that allow user input. The video below shows some examples of XSS attacks and some simple prevention measures.

The Open Web Application Security Project has a list of XSS prevention rules. Not every rule will apply to your web application, but you need to make sure you protect your web app against any XSS attacks it is vulnerable to. There is more specific information in the link to implement XSS prevention strategies.

Yorkville High School Computer Science Department on Facebook Yorkville High School Computer Science Department Twitter Feed Yorkville High School Computer Science Department on Instagram