Jump to content
Nytro

Using xss-protection and blocking/bypassing javascript code

By Nytro, in Tutoriale in engleza

Recommended Posts

Nytro Mentor

Nytro

Posted
Posted

Using xss-protection and blocking/bypassing javascript code

Modern browsers have increased a function called "xss protection", which helps to avoid "Cross Site Scriptings" by preventing any script in the url from executing (complete tags as "<script>alert('xss')</script>" are totally stopped). Thanks to this protection, an attacker can spoof a fake XSS attack and stop code blocks in the webpage, avoiding possible security checks(example below).

Examples working only with Chrome and Safari browsers.

Tested browsers: Chrome ( Desktop and Mobile ), Safari, Opera, Firefox.

Link: Using xss-protection and blocking/bypassing javascript code

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
Go to topic listing
×
×
  • Create New...