Re: [PHP] Preventing Cross Site Scripting Vulnerbilities — PHP

You are here: Re: [PHP] Preventing Cross Site Scripting Vulnerbilities « PHP « IT news, forums, messages

Posted by Michael B Allen on 12/08/05 20:23

On Wed, 07 Dec 2005 14:33:07 -0500
Chris Shiflett <shiflett@php.net> wrote:

> Michael B Allen wrote:
> > Can someone recommend a general method for avoiding / eliminating XSS
> > vulnerbilities with PHP?
>
> Yeah, escape output. It's really that simple.

Well after looking at this for a while I agree that makes the most
sense. It's a little unnerving to let scripts find their way into the
database but with in combination with strong validation that can be
minimized and in many cases eliminated.

Mike

Navigation:

Next in forum: Re: [PHP] broken code....
Prev in forum: set quota to disable ...
Thread view: Re: [PHP] Preventing Cross Site Scripting Vulnerbilities

[Reply to this message]

Удаленная работа для программистов • Как заработать на Google AdSense • England, UK • статьи на английском • PHP MySQL CMS Apache Oscommerce • Online Business Knowledge Base • DVD MP3 AVI MP4 players codecs conversion help

Home • Search • Site Map • Set as Homepage • Add to Favourites

Сайт изготовлен в Студии Валентина Петручека —
изготовление и поддержка веб-сайтов, разработка программного обеспечения, поисковая оптимизация