SEARCH KEYWORD -- XSS
Web Security: In-Depth Explanation of X-XSS-Protection
What is X-XSS-Protection X-XSS-Protection is an HTTP response header designed to enable or configure built-in cross-site scripting (XSS) filters in certain versions of Internet Explorer, Chrome, and Safari. The purpose of these filters is to detect reflected XSS attacks in the response and prevent the loading of pages, thereby protecting users from such attacks. The X-XSS-Protection response header was initially introduced by Microsoft in Internet Explorer 8 to control the browser's XSS filter. ...
X-XSS-PROTECTION,WEB SECURITY,CONTENT SECURITY POLICY,XSS,CSP 2023-11-29 01:48:40
How to check whether a web page can be loaded in iframe
Sometimes you may want to load other website's page in your own website's iframe, but due to some security concerns, other website may have security configurations which prevent you from loading their pages into your iframe. In this case, if you try to load them, you would see a blank page or a text message telling that it's prohibited. Fortunately, you can detect this before you actually decide to load it. To prevent a page from being loaded by an iframe from other site, the response ...
HTTP,HTML,IFRAME,SECURITY,X-FRAME-OPTIONS,CONTENT-SECURITY-POLICY 2018-07-27 22:36:02
Useful functions to provide secure PHP application
Security is a very important aspect of programming. There are many functions or modules in any kind of real programming language providing security functionalities In modern websites, we may often get inputs form users all around the world.There is a famous saying which says that never trust user input. So in web programming languages, we will often see functions which will guarantee the security of the data input from users. Today we will cover some of these functions in the most famous o...
PHP,security,SQL Injection,XSS,AJAX 2014-10-30 04:21:59
Some hidden XSS injection vulnerabilities
XSS injection refers to a Web page generates some unexpected executable js codes based on user input and these executable codes are executed by web browser,i.e, the source code sent to web browser by the server contains some illegal js codes, and these illegal js codes are related to user's input. Common XSS injection vulnerabilities can be fixed with some functions such as htmlspecialchars(escaping HTML special characters) and strip_tags() or similar, but there are some hidden XSS injecti...
XSS,PHP,Security,Code,JavaScript 2012-08-27 20:32:08
8 very useful and free web security testing tools
With more pervasive of web applications, web security threats are becoming increasingly prominent. Hackers gain web server control by exploiting web server vulnerabilities and SQL injection vulnerabilities, then they may tamper with web content, or steal important internal data, the more serious is to inject malicious code into web pages to affect visitors of websites. Attention is gradually warming up to Web Application Security. Here we recommend eight very useful and free web security testing...
Website, security,Web security,Attack 2012-07-22 10:59:09
JavaScript Attack/Defend
As developers and designers we work hard to build visually attractive, fast and easy to maintain applications. Our goals are to make sure the applications we build stick to users and keep them coming back for more. Security is not always at the forefront of our minds. No one intentionally builds insecure software but often a lack of security knowledge leads developers to build vulnerabilities into their applications. In this article we are going to examine two web security attacks, how they are ...
JavaScript,Attack,Defend,Security,Cross site 2011-10-13 13:09:11
Three Simple Ways to Improve the Security of Your Web App
It seems like web app security has entered the public conscious recently, probably as a result of the press covering the activities of groups like Anonymous and incidents like security breaches at several CAs. Here are a couple of quick security tips to improve the security of your web apps. Think of these as low-hanging fruit, not as a substitute for thorough analysis of your app’s security. If there’s interest in this topic we can do more posts, too - let us know in the com...
Web app,Security,X-FRAME-OPTIONS,SSL 2011-12-08 10:10:20
Beauty of code : How to write graceful PHP code
Writing good code is an art. In order to achieve this, it is necessary to develop good programming habits at the beginning. Good programming habits not only contributes to the early project design (modular),but also allows you to the code easier to understand, so that the maintenance of the code is easier. Bad programming habits will result in more code bugs, and will make future maintenance work difficult. We introduce some good programming habits taking PHP as example. Hope this will help you....
ASP.NET 4 Breaking Changes #1: requestValidationMode cause ValidateRequest=False to fail
The request validation feature in ASP.NET provides a certain level of default protection against cross-site scripting (XSS) attacks. In previous versions of ASP.NET, request validation was enabled by default. However, it applied only to ASP.NET pages (.aspx files and their class files) and only when those pages were executing.In ASP.NET 4, by default, request validation is enabled for all requests, because it is enabled before the BeginRequest phase of an HTTP request. As a result, request valid...
ASP.NET,Html content,Error,ValidateRequest,requestValidationMode 2011-11-07 13:50:29
PHP Security
1. IntroductionWriting PHP applications is pretty easy. Most people grasp the syntax rather quickly and will within short time be able to produce a script that works using tutorials, references, books, and help forum forums like the one we have here at PHP Freaks. The problem is that most people forget one of the most important aspects that one must consider when writing PHP applications. Many beginners forget the security aspect of PHP. Generally, your users are nice people, they will...
PHP,Security,SQL Injection,XSS Cross sit 2011-10-01 02:25:31
RECENT
- Tips for Socializing With Friends During College
- Proximity Cards Do More Than Just Open Doors
- How to choose quality painted auto parts
- Oval engagement rings from MoonOcean: Elegance of form and individual approach
- Hologres vs AWS Redshift
- GoLand connect to Hologres
- A journey to investigate a goroutine leakage case
- Understanding Slice Behavior in Go
- Breaking Barriers: How 3D Printing is Democratizing Product Development
- The Power of Efficiency: 10 Practical Energy-Saving Tips for Tech Startups
- more>>