Cross-Site Scripting (XSS) is a code injection attack in which a malicious user injects code (HTML, JavaScript) that is then executed in other users' browsers in the context of your site. If Google finds your site serving such injected content it can flag the site, and users who search for a term for which your site is indexed then see a warning next to the result. This can harm your user base.
XSS attacks are classified as
– Persistent (stored) attacks
– Non-persistent (reflected) attacks
Non-persistent attacks exploit holes in the application where data from the request, typically a URL parameter, is echoed straight back into the page. The malicious code is never stored on your server; it travels inside a crafted link to your site and runs in the browser of whoever follows that link, whether the link arrives by email, on a forum, or on a page a search engine has indexed.
Persistent attacks occur when a malicious user's input is entered into the system and stored without proper validation or encoding. Every naive user who later visits the page where that data is displayed gets the malicious user's code executed in their browser. This happens in forums and comment sections where the entered data is neither sanitized on the way in nor escaped on the way out.
The key rule for accepting any user input: VALIDATE ALL DATA before storing it on your server, and, just as importantly, encode it for the context (HTML body, attribute, JavaScript string, URL) in which you output it. Validation on input alone is not enough, because the same stored text may later be rendered in a context you did not anticipate. Doing both removes a whole class of problems and hence saves your time.
To counter XSS, different users/applications have come up with different methods, such as
i) rejecting HTML or script input altogether
ii) using custom-built markup that is translated into HTML when the text is presented (e.g. wiki syntax), so raw HTML is never accepted
iii) using regular expressions to build filters (a blacklist approach; such filters are routinely bypassed with alternative encodings, nested tags, or event-handler attributes, so they must not be the only defence)
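The following is an added example, not code from the original post or from any of the frameworks named on this page. It demonstrates the two points above: why a regular-expression blacklist (method iii) is not a reliable defence, and what the output encoding recommended alongside input validation looks like when each value is encoded for the context it lands in. The comment renderer, the `http(s)`-only rule for profile links, and every payload string are constructed for the demo; the `ActiveContentAudit` class is a small stand-in for "what would the browser actually execute", not a real browser.

```python
# Added example (not from the original post): a regex blacklist versus
# context-aware output encoding. All input strings are constructed for the demo.
import html
import json
import re
from html.parser import HTMLParser


# --- method iii): a filter that strips <script>...</script> with a regex ------
SCRIPT_TAG = re.compile(r"<script\b[^>]*>.*?</script>", re.IGNORECASE | re.DOTALL)


def regex_filter(user_input: str) -> str:
    """Single-pass blacklist: removes <script>...</script> once. Easy to bypass."""
    return SCRIPT_TAG.sub("", user_input)


# --- a small auditor: what in the rendered page would a browser execute? -----
class ActiveContentAudit(HTMLParser):
    """Counts real <script> start tags, on* event-handler attributes and javascript: URLs.
    Escaped text such as &lt;script&gt; is data, not a tag, so it is not counted."""

    def __init__(self) -> None:
        super().__init__()
        self.counts = {"script_tags": 0, "event_handlers": 0, "js_urls": 0}

    def handle_starttag(self, tag, attrs):
        if tag == "script":
            self.counts["script_tags"] += 1
        for name, value in attrs:
            if name.startswith("on"):
                self.counts["event_handlers"] += 1
            if name in ("href", "src") and value and value.strip().lower().startswith("javascript:"):
                self.counts["js_urls"] += 1


def audit(markup: str) -> dict:
    parser = ActiveContentAudit()
    parser.feed(markup)
    parser.close()
    return parser.counts


# --- the "before": stored values dropped straight into the template ----------
def render_comment_vulnerable(author: str, body: str, profile_url: str) -> str:
    return (
        f'<a href="{profile_url}">{author}</a>\n'
        f"<p>{body}</p>\n"
        f'<script>var author = "{author}";</script>'
    )


# --- the "after": encode each value for the context it lands in --------------
def render_comment(author: str, body: str, profile_url: str) -> str:
    # HTML text context: &, <, >, " and ' become entities.
    safe_author = html.escape(author, quote=True)
    safe_body = html.escape(body, quote=True)
    # URL inside an attribute: escaping alone does not stop javascript: links,
    # so the scheme is validated first (assumption: only http(s) profile links allowed).
    if not re.match(r"^https?://", profile_url, re.IGNORECASE):
        profile_url = "#"
    safe_url = html.escape(profile_url, quote=True)
    # JavaScript string context: JSON-encode, then hex-escape '<' so a value
    # containing </script> cannot terminate the script block early.
    js_author = json.dumps(author).replace("<", "\\u003c")
    return (
        f'<a href="{safe_url}">{safe_author}</a>\n'
        f"<p>{safe_body}</p>\n"
        f"<script>var author = {js_author};</script>"
    )


# Constructed payloads, one per output context.
AUTHOR_PAYLOAD = "<script>alert(1)</script>"
BODY_PAYLOAD = "<img src=x onerror=alert(1)>"                 # no <script> tag at all
URL_PAYLOAD = "javascript:alert(1)"
NESTED_PAYLOAD = "<scr<script>ipt>alert(1)</scr</script>ipt>"  # reassembles after one strip

if __name__ == "__main__":
    print("regex filter leaves event handler :", regex_filter(BODY_PAYLOAD))
    print("regex filter reassembles the tag  :", regex_filter(NESTED_PAYLOAD))
    print("vulnerable:", audit(render_comment_vulnerable(AUTHOR_PAYLOAD, BODY_PAYLOAD, URL_PAYLOAD)))
    print("hardened  :", audit(render_comment(AUTHOR_PAYLOAD, BODY_PAYLOAD, URL_PAYLOAD)))
```

Run it and compare the two audit lines: the vulnerable renderer yields an extra script tag, an `onerror` handler and a `javascript:` link, while the hardened one leaves only the template's own `<script>` block. Note that the regex filter never touches `BODY_PAYLOAD` at all, and that `NESTED_PAYLOAD` comes out of it as a clean `<script>` tag, which is exactly why the encoding on output, not the filter on input, is what makes the page safe.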
Functions used in MVC frameworks to prevent XSS attacks:
CakePHP: the Sanitize class (removed in CakePHP 3; use the h() helper, a wrapper around htmlspecialchars(), to escape values on output)
CodeIgniter: xss_clean() (an input filter; it is not a substitute for escaping values on output with htmlspecialchars(), or esc() in CodeIgniter 4)
HTMLPurifier is a PHP library that parses HTML and rewrites it against a whitelist of allowed elements and attributes, which makes it the right tool when you genuinely need to accept rich HTML from users. It is used by, or available as an extension for, major software such as CodeIgniter, Symfony, WordPress, Drupal and Joomla.
Read through OWASP’s site for a list of common vulnerabilities.