dotvoid.com » xss http://www.dotvoid.com Experiments and thoughts in PHP and javascript Tue, 11 Oct 2011 12:49:15 +0000 http://wordpress.org/?v=2.9.2 en hourly 1 Cross site scripting http://www.dotvoid.com/2005/10/cross-site-scripting/ http://www.dotvoid.com/2005/10/cross-site-scripting/#comments Wed, 26 Oct 2005 08:19:13 +0000 Danne http://www.commodi.com/?p=154 While looking around for cross site scripting resources I stumbled upon this “ha.ckers.org” site which is an excellent source for ideas on how to check for XSS vulnerabilities. I have seen it before but I obviously forgot to bookmark it. Now I saw the site listed in the top of  del.icio.us/tag/xss as well. Another good site to checkout is the http://www.owasp.org and even though their regex collection is not very international it can be useful.

The most annoying thing is that the only user input I allow on my site, the comment form, is vulnerable. I guess I will have to fix that now. Immediately.

]]> http://www.dotvoid.com/2005/10/cross-site-scripting/feed/ 0