Рет қаралды 56,249
In this video, I discuss XSS Cross-Site scripting attacks and how to prevent them.
0:00 Intro
2:40 XSS Stored Attacks
The injected script is stored permanently on the target servers. The victim then retrieves this malicious script from the server when the browser sends a request for data.
4:50 Reflected XSS Attacks
When a user is tricked into clicking a malicious link, submitting a specially crafted form, or browsing to a malicious site, the injected code travels to the vulnerable website. The Web server reflects the injected script back to the user's browser, such as in an error message, search result, or any other response that includes data sent to the server as part of the request. The browser executes the code because it assumes the response is from a "trusted" server which the user has already interacted with.
8:00 Source Code Explained
9:50 Prevent XSS Attacks with CSP
16:00 Prevent all scripts with CSP
Source Code
github.com/hnasr/javascript_p...
🏭 Backend Engineering Videos
• Backend Engineering (B...
💾 Database Engineering Videos
• Database Engineering
🛰 Network Engineering Videos
• Network Engineering
🏰 Load Balancing and Proxies Videos
• Proxies
🐘 Postgres Videos
• PostgresSQL
🚢Docker
• Docker
🧮 Programming Pattern Videos
• Programming Patterns
🛡 Web Security Videos
• Web Security
🦠 HTTP Videos
• HTTP
🐍 Python Videos
• Python by Example
🔆 Javascript Videos
• Javascript by Example
👾Discord Server / discord
Become a Member
/ @hnasr
Support me on PayPal
bit.ly/33ENps4
Become a Patreon
/ hnasr
Stay Awesome,
Hussein