Tag Archives: Cross-site scripting

Detect if user input contains prohibited tags

Inspired by my previous article on XSS I thought I’d show a quick, simple and nice way to detect if user input contains some form of script or prohibited tags. Thankfully PHP developers have a function known as strip_tags. This …

Posted in PHP

A look into exploitation: XSS

XSS, also known as CSS (Cross-Site Scripting, not Cascading Style Sheets) is actually one of the most common forms of web application vulnerability, and is becoming just as popular as SQL Injection. General overview Attackers can inject HTML, JavaScript, VBScript, …

Posted in Development