Consideration Points Detecting Cross-Site Scripting
نویسنده
چکیده
Web application (WA) expands its usages to provide more and more services and it has become one of the most essential communication channels between service providers and the users. To augment the users’ experience many web applications are using client side scripting languages such as JavaScript but this growing of JavaScript is increasing serious security vulnerabilities in web application too, such as cross-site scripting (XSS). In this paper, I survey all the techniques those have been used to detect XSS and arrange a number of analyses to evaluate performances of those methodologies. This paper points major difficulties to detect XSS. I don’t implement any solution of this vulnerability problem because; my focus is for reviewing this issue. But, I believe that this assessment will be cooperative for further research on this concern as this treatise figure out everything on this transcendent security problem. Keywordscross-site scripting, injection attack, javascript, scripting languages security, survey, web application security
منابع مشابه
ECE1776F: Project Proposal: A Client-Side Browser-Integrated Solution for Detecting and Preventing Cross Site Scripting (XSS) Attacks
متن کامل
Security Analysis Regarding Cross-Site Scripting on Internet Explorer
The purpose of this paper is to provide an exact evaluation of cross site scripting vulnerabilities on security, as an important factor of software quality. Since, this kind of risks are dependent on the browser, the study takes into consideration three versions of Internet Explorer, and uses an established scoring system, the Common Vulnerability Scoring System, to measure their impact.
متن کاملPixy: A Static Analysis Tool for Detecting Web Application Vulnerabilities (Technical Report)
The number and the importance of Web applications have increased rapidly over the last years. At the same time, the quantity and impact of security vulnerabilities in such applications have grown as well. Since manual code reviews are time-consuming, error-prone and costly, the need for automated solutions has become evident. In this paper, we address the problem of vulnerable Web applications ...
متن کاملPixy: A Static Analysis Tool for Detecting Web Application Vulnerabilities (Short Paper)
The number and the importance of Web applications have increased rapidly over the last years. At the same time, the quantity and impact of security vulnerabilities in such applications have grown as well. Since manual code reviews are time-consuming, error-prone and costly, the need for automated solutions has become evident. In this paper, we address the problem of vulnerable Web applications ...
متن کاملA Critical Review on Detecting Cross-Site Scripting Vulnerability
The world relies on internet today. We can analyze it in several ways , if you consider the example of money transfer then there are several ways of transferring the money using world wide web, Social Sites and communities like Facebook, Twitter and LinkedIn, mail services etc. and all these services are rely on web browsers. Then the communication is provided by different protocols via web bro...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید
ثبت ناماگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید
ورودعنوان ژورنال:
- CoRR
دوره abs/0908.4188 شماره
صفحات -
تاریخ انتشار 2009