Reputation: 1211
cross site scripting attacks XSS
I am newbie in web development and i would like to ask a question.
I know Cross site scripting attacks XSS are dangerous when we output and display users info in our pages, when we set cookies and etc.
But when we have a simply site that accept only a contact form with inputs of first name, last name, message and we dont output this info anywhere at the site or we dont use cookies, are Cross site scripting attacks dangerous for my site.
I mean should i do something to prevent xss attacks , for my img src, meta tags or another html tag. Thank you in advance.
Thank you!
Upvotes: 0
Views: 1073
Answers (1)
Reputation: 11
If your page
use any http parameter for output rendering. It's vulnerable to reflected XSS.
use any javascript DOM manipulation. It's vulnerable to DOM based XSS.
below link may help you.
https://www.owasp.org/index.php/Types_of_Cross-Site_Scripting
Upvotes: 0
Related Questions
- Cross site scripting attacks and same origin policy
- VeraCode - This call to name() contains a cross-site scripting (XSS) flaw
- How to avoid Cross Site Scripting (XSS) attacks while using JSF and RichEditor
- How do HttpOnly cookies work with AJAX requests?
- Best practice for allowing Markdown in Python, while preventing XSS attacks?
- Cross site scripting(XSS)