XSS Attack
-
Hi guys, I am testing our site for XSS vulnerabilities. We have a few text boxes, and whatever you fill in these text boxes is saved in the database and then appears on some other page (the page is generated dynamically). When they generate the page dynamically, they use the htmlencode function to encode the value I entered in the text boxes. My doubt is: is there any way someone can do an XSS attack on that, or is it safe enough?
-
Hey, thanks for the book. :confused: From now on I will do the same thing. If anyone asks a question about Java, I will give him the reference to a Java book; if the question is about VC++, I will give the reference to a VC++ book. :suss: It would be helpful if you could answer the question; otherwise just leave it.
-
The reason I mentioned that book is because it really is the best one I've seen. It has excellent coverage of XSS and how to prevent it. Chris Shiflett is possibly the top PHP security guy in the world (as far as I know). There is far too much on XSS to write in a post on a forum. Hence, I gave you the link to the book. You will find all the basics in there and it's easy to read. Well worth the money. You wanted an answer to your question: No. It may not be safe enough. But all the answers you need are in the aforementioned book.
-
You could also see his site, "shiflett.org"; you might find what you need there.
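
The flow described in the question (stored text-box values encoded when the page is generated), as an added example that is not part of the original thread and not the site's code. Python's `html.escape` stands in for the htmlencode function; the function names, the sample record and the http/https allowlist are assumptions. It goes beyond the question by covering attribute and link contexts, where the result depends on quoting and on the URL scheme as well as on encoding.

```python
import html
from urllib.parse import urlsplit

ALLOWED_SCHEMES = {"http", "https"}  # assumption: only absolute web links are accepted


def render_text(value: str) -> str:
    """HTML body context: encoding &, <, > and quotes keeps the value inert text."""
    return "<p>" + html.escape(value, quote=True) + "</p>"


def render_attr(value: str) -> str:
    """Attribute context: relies on the attribute being quoted AND quotes being encoded."""
    return '<input type="text" value="' + html.escape(value, quote=True) + '">'


def render_link(url: str) -> str:
    """URL context: encoding leaves the scheme intact, so check it against an allowlist."""
    url = url.strip()
    try:
        scheme = urlsplit(url).scheme.lower()
    except ValueError:  # malformed URL: treat as not allowed
        scheme = ""
    if scheme not in ALLOWED_SCHEMES:
        return "<span>[link removed]</span>"
    return '<a href="' + html.escape(url, quote=True) + '">link</a>'


def render_profile(record: dict) -> str:
    """Render one stored record (hypothetical fields) with per-context handling."""
    return "\n".join([
        render_text(record["comment"]),
        render_attr(record["nickname"]),
        render_link(record["homepage"]),
    ])


# Constructed sample of values as they might sit in the database.
SAMPLE = {
    "comment": "<script>alert(1)</script>",
    "nickname": 'Tom "the tester" <b>',
    "homepage": "javascript:void(0)",
}

if __name__ == "__main__":
    print(render_profile(SAMPLE))
```
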