
Tag Archives: XSS

Detecting and Fixing XSS using OWASP tools


Much has been written about scanning for XSS vulnerabilities. In this article we will try to go a little further and show how to fix them. To illustrate the whole process, going from initial detection to providing a fix, we will use a very simple app consisting of two JSP pages: one is a payment form for credit card transactions and ...


Cross Site Scripting (XSS) and prevention


Variants of cross-site scripting (XSS) attacks are almost limitless, as mentioned on the OWASP site (https://www.owasp.org/index.php/Cross-site_Scripting_(XSS)). Here I propose a Servlet Filter based solution for sanitizing the HTTP request. The attack: Let's see how an XSS attack manifests itself. Attached is an oversimplified portlet which shows a scenario that is very common in social and collaboration ...


Anti cross-site scripting (XSS) filter for Java web apps


Here is a good and simple anti cross-site scripting (XSS) filter written for Java web applications. What it basically does is remove all suspicious strings from request parameters before returning them to the application. It’s an improvement over my previous post on the topic. You should configure it as the first filter in your chain (web.xml) and it’s generally a ...
