https://wiki.owasp.org/index.php?title=Test_Client_Side_SQL_Injection&feed=atom&action=historyTest Client Side SQL Injection - Revision history2024-03-28T18:30:57ZRevision history for this page on the wikiMediaWiki 1.27.2https://wiki.owasp.org/index.php?title=Test_Client_Side_SQL_Injection&diff=164656&oldid=prevMmeucci: Created page with "{{Template:OWASP Testing Guide v4}} == Brief Summary == aaa. == Description of the Issue == aa The following script <pre> aa </pre> == Black Box testing and example ==..."2013-12-14T18:03:47Z<p>Created page with "{{Template:OWASP Testing Guide v4}} == Brief Summary == aaa. == Description of the Issue == aa The following script <pre> aa </pre> == Black Box testing and example ==..."</p>
<p><b>New page</b></p><div>{{Template:OWASP Testing Guide v4}}<br />
<br />
== Brief Summary ==<br />
aaa.<br />
<br />
== Description of the Issue == <br />
aa<br />
<br />
<br />
The following script <br />
<br />
<pre><br />
aa<br />
</pre><br />
<br />
== Black Box testing and example ==<br />
Blackbox testing for HTML Injection is not usually performed since access to the source code is always available as it needs to be sent to the client to be executed.<br><br />
<br />
== Gray Box testing and example == <br />
'''Testing for HTML Injection vulnerabilities:'''<br><br />
For example, looking at the following URL:<br />
aa<br />
<br />
aa<br />
<br />
<pre><br />
<script><br />
aa<br />
</pre><br />
<br />
aa.<br />
<br />
== References ==<br />
'''OWASP Resources'''<br />
* [[DOM based XSS Prevention Cheat Sheet]]<br />
* DOMXSS.com - http://www.domxss.com<br />
'''Whitepapers'''<br><br />
* Browser location/document URI/URL Sources - https://code.google.com/p/domxsswiki/wiki/LocationSources<br />
** i.e., what is returned when you ask the browser for things like document.URL, document.baseURI, location, location.href, etc.</div>Mmeucci