Cross-site scripting is a security violation that is normally found in the web applications. It is one of the most frequent application layer web attacks. Many web developers aren’t completely clear on what the term means. This article describes cross-site scripting security issues, how to prevent it. Smarmy of the article:
- What is Cross-site Scripting?
- How to Prevent Cross-site scripting?
What is Cross-site Scripting?
How to Prevent Cross-site scripting?
In ASP.NET applications, we can prevent this XSS by writing a simple code in the web.config file. A sample code is given bellow:
<system.web> <pagesvalidateRequest="true">pages> <system.web>
Then if somebody tries to inject some scripting code then system will display alert message [A potentially dangerous request…]
We can also prevent this by HTML encoding. The sample code for HTML encoding is given bellow:
Technology is changing rapidly and hacker attacks are becoming more sophisticated. But if we understand the basics techniques we can be prepared to prevent future attack techniques that will most definitely arise.