Difference between revisions of "Talk:Cross-site Scripting (XSS)"

Latest revision as of 04:50, 30 August 2011

XSS using Script Via Encoded URI Schemes

The page mentions XSS using Script Via Encoded URI Schemes, but what are the ways to prevent that? I don't see any matching rule in the cheat sheet. Can some library help? I'm personally interested in a PHP library.

This page is also lacking other XSS vectors, such as CRLF Injection. I (Michael Brooks) would like to add this if there are no objections.

Revision as of 04:50, 30 August 2011 (view source) Michael Brooks (talk \| contribs) ← Older edit		Latest revision as of 04:50, 30 August 2011 (view source) Michael Brooks (talk \| contribs)
Line 2:		Line 2:
	The page mentions XSS using Script Via Encoded URI Schemes, but what are the ways to prevent that? I don't see any matching rule in the cheat sheet. Can some library help? I'm personally interested in a PHP library.		The page mentions XSS using Script Via Encoded URI Schemes, but what are the ways to prevent that? I don't see any matching rule in the cheat sheet. Can some library help? I'm personally interested in a PHP library.

−	This page is also lacking other XSS vectors, such as CRLF Injection. I would like to add this if there are no objections.	+	This page is also lacking other XSS vectors, such as CRLF Injection. I (Michael Brooks) would like to add this if there are no objections.

Difference between revisions of "Talk:Cross-site Scripting (XSS)"

Latest revision as of 04:50, 30 August 2011

XSS using Script Via Encoded URI Schemes

Navigation menu

Personal tools

Namespaces

Variants

Views

More

Search

Navigation

Reference

Tools