Cross Site Scripting

If you think your application is secure as far as input handling is concerned, go to it and enter this string: <script>alert('Adnan');</script>. If the application handles it properly, relax; if not, read on to make it secure.

Cross site scripting is a script that gets inserted into your application through its input boxes, and there are many other ways in as well, such as the URL and sessions. If someone enters such script content, your application could crash if it does not handle it properly. So whenever you take input from users on your website, encode it, either with the Microsoft AntiXSS Library or simply with HttpUtility, by calling their static methods such as HtmlEncode. Encoding converts the script tags into character codes that do not execute and cannot harm your application.
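The encoding step described above, as an added example that is not code from the original post. The class and method names are assumptions made for illustration; HttpUtility.HtmlEncode and HttpUtility.HtmlAttributeEncode are the real System.Web methods.

```csharp
using System;
using System.Web; // HttpUtility: System.Web.dll on .NET Framework, System.Web.HttpUtility on .NET Core / 5+

// Hypothetical helper class for this example.
public static class CommentRenderer
{
    // Before: user input is concatenated into the page as-is,
    // so any tags in it become part of the markup.
    public static string RenderUnsafe(string comment)
    {
        return "<p class=\"comment\">" + comment + "</p>";
    }

    // After: markup characters such as < > & and quotes are turned into
    // character entities, so the browser displays them as text.
    public static string RenderEncoded(string comment)
    {
        return "<p class=\"comment\">" + HttpUtility.HtmlEncode(comment) + "</p>";
    }

    // Input echoed back inside a quoted attribute needs the attribute encoder:
    // it encodes the double quote so the value cannot close the attribute early.
    public static string RenderSearchBox(string query)
    {
        return "<input type=\"text\" name=\"q\" value=\""
               + HttpUtility.HtmlAttributeEncode(query) + "\" />";
    }

    public static void Main()
    {
        // Test string from the post.
        string input = "<script>alert('Adnan');</script>";

        Console.WriteLine("Unsafe : " + RenderUnsafe(input));
        Console.WriteLine("Encoded: " + RenderEncoded(input));

        // Constructed sample: ordinary text that happens to contain a quote and a tag.
        Console.WriteLine("Attr   : " + RenderSearchBox("5\" monitor <b>sale</b>"));
    }
}
```

Encode at the point where the value is written into the page, and pick the encoder that matches where it lands (element content or attribute value).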

For more details, search on Google or leave a comment here.

