期刊名称:International Journal of Communication and Computer Technologies
印刷版ISSN:2278-9723
出版年度:2013
卷号:1
期号:7
出版社:IJCCTS
摘要:A web page contains both text and HTML markup that is generated by the server and interpreted by the client browser. Website only static pages are able to have full control over how the browser interprets these pages. But the websites that take user input to generate pages do not have complete control over how their outputs are interpreted by the client.” The heart of the issue is that if mistrusted content can be introduced into a page, neither the website nor the client has enough information to recognize that this has happened and take protective actions”(CERT* coordination centre).Cross-site scripting (XSS) is generally believed to be the most common web defenselessness. It is one of the most rampant application layer web attacks. In this paper first, we will identify the cross-site scripting techniques, their types and threats. Second, we will try to find and weigh against the controlling mechanisms for alleviation of cross-site scripting (XSS) vulnerabilities in web based programsThere are various papers published focusing on this hitch and research is still going on for completely vanishing it. Our work is just an attempt to recollect full information about the hindrance and solutions on hand till date and get a profound acquaintance about the content to some extent.
