Title :
A study on removal techniques of Cross-Site Scripting from web applications
Author :
Shanmugasundaram, G. ; Ravivarman, S. ; Thangavellu, P.
Author_Institution :
Department of Information Technology, Sri Manakula Vinayagar Engineering College, Puducherry, India
Abstract :
Cross site scripting (XSS) vulnerability is among the top 10 web application vulnerabilities based on survey by Open Web Applications Security Project of 2013 [9]. The XSS attack occurs when web based application takes input from users through web pages without validating them. An attacker or hacker uses this to insert malicious scripts in web pages through such inputs. So, the scripts can perform malicious actions when a client visits the vulnerable web pages. This study concentrates on various security measures for removal of XSS from web applications (say defensive coding technique) and their issues of defensive technique based on that measures is reported in this paper.
Keywords :
Encoding; HTML; Java; Uniform resource locators; cross site scripting; data sanitization; data validation; defensive coding technique; output escaping; scripting languages; vulnerabilities;
Conference_Titel :
Computation of Power, Energy Information and Commuincation (ICCPEIC), 2015 International Conference on
Conference_Location :
Melmaruvathur, Chennai, India
Print_ISBN :
978-1-4673-6524-6
DOI :
10.1109/ICCPEIC.2015.7259498
