Web Applications can be complex in nature, and it's not always possible for developers to prevent vulnerabilities such as XSS.
In this thread 👇🧵,
Learn how they try to prevent XSS, and in #bugbounty it's better to know the defense.
Credits: @saferinternetpr
#infosec
In this thread 👇🧵,
Learn how they try to prevent XSS, and in #bugbounty it's better to know the defense.
Credits: @saferinternetpr
#infosec
1) Filtering User Input: When a user inputs data into the website, the developers want it to be filtered as strictly as possible while still getting the same output as if there was no filter.
2) Response Headers: Within HTTP response headers, developers can prevent XSS that aren't supposed to have any HTML or JavaScript, they can easily use the Content-Type and X-Content-Type-Options headers to make sure that browsers are able to respond the way it's intended.
3) Encoding Data Output: Depending on what output is sent, it usually requires combinations of HTML, URL, JavaScript, and CSS encoding to make sure user-controllable data in HTTP responses is encoded.
4) XSS in Java Apps: Devs can filter inputs with a whitelisted amount of allowed characters, and use libraries like Google Guava to encode your output for HTML context menu attributes. You can also use JavaScript Unicode escapes for JavaScript context menu attributes.
5) XSS in PHP Apps: Devs can filter inputs with a whitelisted amount of characters and use type hints. They can also escape outputs in XSS with htmlentities, ENT_QUOTES for HTML context menu attributes, and JavaScript Unicode to escape JavaScript context menu attributes.
Feel free to add more to this thread. And happy XSS hunting.
• • •
Missing some Tweet in this thread? You can try to
force a refresh
