Security - XSS

security

https://motherboard.vice.com/en_us/article/wnjwb4/the-myspace-worm-that-changed-the-internet-forever
https://www.veracode.com/security/xss
https://www.owasp.org/images/c/c5/Unraveling_some_Mysteries_around_DOM-based_XSS.pdf
https://www.owasp.org/index.php/XSS_(Cross_Site_Scripting)_Prevention_Cheat_Sheet
https://www.owasp.org/index.php/Content_Security_Policy
https://www.owasp.org/index.php/Types_of_Cross-Site_Scripting
https://www.owasp.org/index.php/DOM_based_XSS_Prevention_Cheat_Sheet
https://www.owasp.org/index.php/Cross-site_Scripting_(XSS)
https://www.owasp.org/index.php/ASVS
https://www.owasp.org/index.php/AntiSamy
https://www.owasp.org/index.php/Testing_for_Data_Validation
https://www.owasp.org/index.php/Reviewing_Code_for_Cross-site_scripting
https://www.owasp.org/index.php/XSS_Filter_Evasion_Cheat_Sheet
http://cwe.mitre.org/data/definitions/79.html
http://bit.ly/R92c8z
https://developer.mozilla.org/en-US/docs/Security/CSP/Introducing_Content_Security_Policy
https://developer.mozilla.org/en-US/docs/Security/CSP/CSP_policy_directives
https://www.owasp.org/index.php/OWASP_Proactive_Controls#tab=OWASP_Proactive_Controls_2016
https://www.owasp.org/index.php/Testing_for_Reflected_Cross_site_scripting_(OTG-INPVAL-001)
https://www.owasp.org/index.php/Testing_for_Stored_Cross_site_scripting_(OTG-INPVAL-002)
https://www.owasp.org/index.php/Testing_for_DOM-based_Cross_site_scripting_(OTG-CLIENT-001)
https://www.owasp.org/index.php/OWASP_Java_Encoder_Project
https://cwe.mitre.org/data/definitions/79.html
https://portswigger.net/kb/issues/00200308_client-side-template-injection

Unless otherwise stated, the content of this page is licensed under Creative Commons Attribution-ShareAlike 3.0 License