Categories

Updated: 02/15/2008

Preventing Cross Site Script Attacks

Cross Site Script or XSS is one of the popular methods for attacking not only to Ajax based websites but almost any other website that accepts user inputs. Even before Ajax was conceptualized, this attack was already practiced by different hackers. There was one hack that was used in 2005 wherein MySpace.com was targeted. It uses a simple JavaScript function that could be embedded in user s website and others. Once they view the webpage, the My Hero link is changed to the name of the hacker. It is practically a pyramid hack since anyone who sees the profile became the host of the hack. The code was actually posted by the builder of the hack in possible reparation for what he did. It is just a simple JavaScript that could be embedded in any website. It just does not hack any information, it practically takes over every function it wants to. Here are some practices that will prevent future attacks using XSS.
©2003-2019 jCay.com