课程: Programming Foundations: Web Security
今天就开通帐号,24,600 门业界名师课程任您挑!
Cross-Site Scripting (XSS)
- A cross-site scripting attack occurs when an attacker injects code, primarily HTML and JavaScript, into your webpages so that other users' browsers will execute it. It gets its name because an attacker sends scripts across your website to someone else's browser. Cross-site scripting becomes possible when webpages use user supplied data in the HTML response without sanitizing the data first. Cross-site scripting, often abbreviated as XSS, is ranked as one of the top 10 security threats and is the most common web application security flaw. There are three types of cross-site scripting: reflected, stored, and DOM-based. Reflected attacks are the most common type. Let's look closer at them because they will help us to understand all three types. In a reflected XSS attack, an attacker puts JavaScript code to be run in a URL string or in the form data sent with the request. When the page loads, the script runs immediately in…
下载课程离线学习
下载课程到移动设备,轻松离线学习。在领英学习 iOS 或安卓版 APP 下载课程
内容
-
-
-
-
-
-
(已锁定)
Types of credential attacks4 分钟 55 秒
-
(已锁定)
Strong passwords4 分钟 1 秒
-
(已锁定)
URL manipulation and Insecure Direct Object Reference (IDOR)4 分钟 43 秒
-
(已锁定)
SQL injection6 分钟 16 秒
-
(已锁定)
Cross-Site Scripting (XSS)6 分钟 15 秒
-
(已锁定)
Cross-Site Request Forgery (CSRF)4 分钟 21 秒
-
(已锁定)
Cross-Site Request protections3 分钟 38 秒
-
(已锁定)
Cookie visibility and theft4 分钟 37 秒
-
(已锁定)
Session hijacking5 分钟 8 秒
-
(已锁定)
Session fixation3 分钟 18 秒
-
(已锁定)
Remote system execution2 分钟 8 秒
-
(已锁定)
File upload abuse2 分钟 59 秒
-
(已锁定)
Denial of service4 分钟 55 秒
-
(已锁定)
-