Today's Question:  What does your personal desk look like?        GIVE A SHOUT

 ALL


  Web Security: In-Depth Explanation of X-XSS-Protection

What is X-XSS-ProtectionX-XSS-Protection is an HTTP response header designed to enable or configure built-in cross-site scripting (XSS) filters in certain versions of Internet Explorer, Chrome, and Safari. The purpose of these filters is to detect reflected XSS attacks in the response and prevent the loading of pages, thereby protecting users from such attacks.The X-XSS-Protection response header was initially introduced by Microsoft in Internet Explorer 8 to control the browser's XSS filter. Subsequently, other browser vendors also implemented this functionality to some extent.Overview of XSS...

717 0       X-XSS-PROTECTION WEB SECURITY CONTENT SECURITY POLICY XSS CSP


  Useful functions to provide secure PHP application

Security is a very important aspect of programming. There are many functions or modules in any kind of real programming language providing security functionalities  In modern websites, we may often get inputs form users all around the world.There is a famous saying which says that never trust user input. So in web programming languages, we will often see functions which will guarantee the security of the data input from users. Today we will cover some of these functions in the most famous open source language  - PHP.In PHP, there are few useful functions which is very handy for preve...

25,896 0       PHP SECURITY SQL INJECTION XSS AJAX


  Some hidden XSS injection vulnerabilities

XSS injection refers to a Web page generates some unexpected executable js codes based on user input  and these executable codes are executed by web browser,i.e, the source code sent to web browser by the server contains some illegal js codes, and these illegal js codes are related to user's input.Common XSS injection vulnerabilities can be fixed with some functions such as htmlspecialchars(escaping HTML special characters) and strip_tags() or similar, but there are some hidden XSS injection vulnerabilities can not be fixed by the two functions above, and sometimes we are not allowed to r...

7,681 0       PHP SECURITY XSS JAVASCRIPT CODE