FrontendWalla

Solutions for Real World Frontend Problems.

XSS Attacks

XSS Attacks – exploits a vulnerability in a website that the victim visits, in order to get the website to deliver the malicious JavaScript for him.

This Javascript can – 

1. Read Cookie.
2. Modify DOM.
3. Make XMLHTTPCalls.

Doing these three things actually leads to problems like – 


1. Cookie Theft – Can be dangerous if Attacker reads your session cookie and tries to get information out of it.
2. Key Logging – Add Key Listener and Read what user is Typing.
3. Phishing – Insert Login Forms in HTML.

So its very necessary to figure out Vulnerabilities in the Server Side and Client Side Code so that a XSS attack cannot be made. This can be done by securing  input handling. 

Which can be done in two ways – 

1. Encoding – escapes the user input so that the browser interprets it only as data, not as code.
2. Validation. – filters the user input so that the browser interprets it as code without malicious commands.






XSS Attacks

Leave a Reply

Your email address will not be published. Required fields are marked *

Scroll to top