2 research outputs found
Detecting DOM based XSS vulnerabilities using debug API of the modern web-browser
The paper addresses the problem of finding DOM-based XSS vulnerabilities through a sequential combination of dynamic analysis and fuzz testing. To build a maintainable dynamic analyzer of JavaScript code, the modern Firefox web browser is used without modification of its source code. A survey of existing methods for finding DOM-based XSS vulnerabilities is given.
Important Factors to Remember when Constructing a Cross-site Scripting Prevention Mechanism
Web application has become an essential part of daily activities to provide easy accessibility that ensures better performance. It is a platform where sensitive information such as username, password, credit card details, operating system and software version etc. is stored that attracts intruders to generate most of their attacks. Intruders can steal valuable data by compromising web application security flaws; Cross Site Scripting (XSS) vulnerability is one of these. Several studies have been conducted in order to prevent the XSS vulnerability. In this research, we searched Scopus Indexed articles published in the last 11 years (between 2008 and 2020) using two keywords ("XSS Attack Prevention" and "XSS Prevention"). The purpose of this study was to conduct a literature review on XSS prevention techniques e.g. strengths and weaknesses, including structural issues and real-time deployment location in order to extract valuable information. This review identified 14 articles among the 25 selected articles that provided various suitable prevention techniques for XSS attacks. Seven articles are based on tools that have been implemented and take into account design, coding, testing, and integrating validation processes, six articles are about server site solutions, and one is about automatic mitigation solutions. As a result, this research will be invaluable in guiding the advancement of XSS prevention techniques.