Forum : How to filter javascript code to prevent XSS
Brief description about Online courses   join in Online courses
Home News Viewpoint
Travel Entertainment Auto Gadgets & Electronics Sports Lifestyle Food
Rankings Whitepapers Blogs Conferences About Us
View abhishek shukla 's Profile

How to filter javascript code to prevent XSS

How can we filter JavaScript code to prevent cross site scripting
Asked by abhishek shukla | Oct 27, 2009 |  Reply now
Replies (2)
View abhishek shukla 's Profile
If we have a textbox in our page then attacker can inject the malicious code it that textbox . I want to know how can we filter that code from all places from were we getting inputs ,Also that code can be injected through url address also like sitename.com/search.php?id=1><script>alert(1)</script> how can then we filter this code?
Nov 10, 2009
View teacher siliconindia 's Profile
Hi Abhishek,
In general, there is two type of Cross-site Scripting attaches are there.
1. Stored Cross-Site Scripting attacks,
2. Reflected Cross-Site Scripting attacks.

Cross-Site scripting error come when malicious script code can inserted into Html documents.

Malicious script code can not only be contained in the body of an HTTP request but also in the header.
but the administrator looking at the Web server or application log with a HTML based tool. Then script code contained in header fields and stored in the log file may be executed and show its malicious effects. Thus all data entering the application must be considered untrusted and must be checked for malicious JavaScript code.

Regards,
SiliconIndia Team
Nov 10, 2009

Forum By Category