Re: [PHP] security/sql issues with php

Posted by Chris Shiflett on 09/22/05 02:06

bruce wrote:
> i'm confused!!!! regarding XSS. Cross-Site Scripting appears to be
> due to somehow allowing a user to insert 'html'/data/etc into the
> URL that you as the app are expecting? is this correct?

An XSS vulnerability exists whenever you output tainted data. For
example, if a user can submit data to your application, and you use this
data in an echo statement without filtering it (or escaping it, as
Jasper noted), you have an XSS vulnerability.

Here's an example:

echo $_GET['username'];

Here's another example:

<form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="POST">

> wouldn't this be easy enough to solve in most cases, if the app
> did the proper validation/data checking?

Yes, but the more important point is to escape output. If you have data
that you want to display in HTML without it being interpreted as HTML,
use something like htmlentities() to escape it.

Hope that helps.

Chris

--
Chris Shiflett
Brain Bulb, The PHP Consultancy
http://brainbulb.com/
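The two vulnerable snippets in the reply above, each placed beside an output-escaped version, as an added example (not code from Chris Shiflett's post). It runs from the PHP CLI without a web server: the `$_GET['username']` and `$_SERVER['PHP_SELF']` values are constructed stand-ins for attacker-controlled input, and `escape_html()` is a hypothetical helper name wrapping `htmlentities()`.

```php
<?php
// Added example, not from the original post: the two vulnerable
// patterns from the reply, each beside an output-escaped version.
// Runs from the CLI with no web server; $_GET and $_SERVER['PHP_SELF']
// are filled with constructed values standing in for tainted input.

declare(strict_types=1);

// Escape a string for safe inclusion in HTML body text or in a quoted
// attribute. ENT_QUOTES also converts single quotes, so the result is
// safe inside attributes delimited by either quote character.
// (escape_html is a hypothetical helper name for this example.)
function escape_html(string $tainted): string
{
    return htmlentities($tainted, ENT_QUOTES, 'UTF-8');
}

// Constructed tainted input, as a query string and a request path
// controlled by the client would deliver it.
$_GET['username']    = '<script>alert(1)</script>';
$_SERVER['PHP_SELF'] = '/index.php/"><script>alert(1)</script>';

// --- Example 1: echoing a request parameter -------------------------

// Vulnerable: the tag is emitted verbatim, so a browser would run it.
echo "Unescaped parameter:\n";
echo $_GET['username'], "\n\n";

// Escaped: the same bytes are rendered as literal text.
echo "Escaped parameter:\n";
echo escape_html($_GET['username']), "\n\n";

// --- Example 2: PHP_SELF in a form action ---------------------------

// Vulnerable: PHP_SELF reflects the request path (including any
// PATH_INFO), so the attribute can be closed early and markup injected.
echo "Unescaped form action:\n";
echo '<form action="' . $_SERVER['PHP_SELF'] . '" method="POST">', "\n\n";

// Escaped: the quote and angle brackets become entities and stay inside
// the attribute value, so the form tag is left intact.
echo "Escaped form action:\n";
echo '<form action="' . escape_html($_SERVER['PHP_SELF']) . '" method="POST">', "\n";
```

Run it with `php xss_escape.php` and compare the four blocks of output: the unescaped lines contain live `<script>` tags, the escaped lines contain `&lt;script&gt;` and `&quot;` entities. `htmlspecialchars()` with the same flags is the narrower alternative when only the HTML-significant characters need converting. Note that this escaping is correct for HTML body text and quoted attributes only; data placed inside a JavaScript block or a URL needs the escaping appropriate to that context instead.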
