DocumentCode
2236572
Title
A study on removal techniques of Cross-Site Scripting from web applications
Author
Shanmugasundaram, G. ; Ravivarman, S. ; Thangavellu, P.
Author_Institution
Department of Information Technology, Sri Manakula Vinayagar Engineering College, Puducherry, India
fYear
2015
fDate
22-23 April 2015
Abstract
Cross site scripting (XSS) vulnerability is among the top 10 web application vulnerabilities based on survey by Open Web Applications Security Project of 2013 [9]. The XSS attack occurs when web based application takes input from users through web pages without validating them. An attacker or hacker uses this to insert malicious scripts in web pages through such inputs. So, the scripts can perform malicious actions when a client visits the vulnerable web pages. This study concentrates on various security measures for removal of XSS from web applications (say defensive coding technique) and their issues of defensive technique based on that measures is reported in this paper.
Keywords
Encoding; HTML; Java; Uniform resource locators; cross site scripting; data sanitization; data validation; defensive coding technique; output escaping; scripting languages; vulnerabilities;
fLanguage
English
Publisher
ieee
Conference_Titel
Computation of Power, Energy Information and Commuincation (ICCPEIC), 2015 International Conference on
Conference_Location
Melmaruvathur, Chennai, India
Print_ISBN
978-1-4673-6524-6
Type
conf
DOI
10.1109/ICCPEIC.2015.7259498
Filename
7259498
Link To Document