Published on May 3, 2019
We’ll share how we can hack applications and why application security is important. The demonstration shows a web attack using Cross-Site Scripting (XSS).
What is Cross-Site Scripting (XSS):
• Cross-Site Scripting (XSS) is one of the top web application security risks—it’s the top risk in the OWASP Top 10 (2017).
• Cross-Site Scripting (XSS) can be introduced when untrusted, un-sanitized user input is executed as part of the HTML, or when users can be influenced to interact with malicious links.
Tips for stopping Cross-Site Scripting (XSS) attacks: Preventing XSS requires separating untrusted data from active browser content. You can do this by:
• Understanding the limitations of frameworks that automatically escape Cross-Site Scripting (XSS)
• Escaping untrusted HTTP request data and enabling Content Security Policy (CSP)
• Applying context-sensitive encoding when modifying the browser document
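
The encoding and CSP tips above, as an added example that is not from the video or its publisher: each untrusted value is encoded for the context it lands in, and a CSP header is defined as a second layer. The function names, the sample input and the policy string are assumptions made for illustration.

```javascript
// Added example; every name and sample value here is constructed.
// HTML element content and quoted attribute values: neutralise markup characters.
function escapeHtml(value) {
  const map = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };
  return String(value).replace(/[&<>"']/g, (ch) => map[ch]);
}

// URL attributes (href/src): escaping alone is not enough, because a
// javascript: URL contains no character that HTML escaping would change.
// Accept only absolute http(s) URLs and fall back to a harmless value.
function safeHref(value) {
  try {
    const url = new URL(String(value));
    if (url.protocol === 'http:' || url.protocol === 'https:') return escapeHtml(url.href);
  } catch (err) { /* not an absolute URL */ }
  return '#';
}

// Data handed to scripts: JSON-encode, then escape characters that could
// close the script element or break out of the data block.
function jsonForScript(value) {
  return JSON.stringify(value).replace(/[<>&\u2028\u2029]/g,
    (ch) => '\\u' + ch.charCodeAt(0).toString(16).padStart(4, '0'));
}

// Second layer: a policy without 'unsafe-inline' stops injected inline script
// from running if an encoding step is missed somewhere.
const CSP_HEADER = "default-src 'self'; script-src 'self'; object-src 'none'; base-uri 'none'";

function renderProfile(user) {
  return [
    `<h1>${escapeHtml(user.name)}</h1>`,                                   // element content
    `<input name="bio" value="${escapeHtml(user.bio)}">`,                  // quoted attribute
    `<a href="${safeHref(user.website)}">website</a>`,                     // URL attribute
    `<a href="/search?q=${encodeURIComponent(user.name)}">more</a>`,       // URL parameter
    `<script type="application/json" id="profile">${jsonForScript(user)}</script>`, // data block
  ].join('\n');
}

// Constructed untrusted input, one hostile value per context.
const sampleUser = {
  name: '<img src=x onerror=alert(1)>',
  bio: '" autofocus onfocus="alert(1)',
  website: 'javascript:alert(1)',
};
```

The profile data goes into a non-executing `application/json` block so the page still works under the policy above, which blocks inline script.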